radare2.js is vulnerable to denial of service. The vulnerability exists due to the out-of-bound read in the library, allowing an attacker to access the memory location beyond the buffer, leading to an application crash.
github.com/radareorg/radare2/commit/6c4428f018d385fc80a33ecddcb37becea685dd5
github.com/radareorg/radare2/pull/19671
huntr.dev/bounties/4d436311-bbf1-45a3-8774-bdb666d7f7ca
huntr.dev/bounties/4d436311-bbf1-45a3-8774-bdb666d7f7ca/
lists.fedoraproject.org/archives/list/[email protected]/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/
lists.fedoraproject.org/archives/list/[email protected]/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/