Use-After-Free Vulnerability in Radare2's pyc Parser's get_none_object Function

CVE-2021-32495 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will allow attackers to cause denial of service.

Learn more about our Web Application Penetration Testing UK.