{"id":"CVE-2020-24133","details":"A heap buffer overflow vulnerability in the r_asm_swf_disass function of Radare2-extras before commit e74a93c allows attackers to execute arbitrary code or carry out denial of service (DOS) attacks.","modified":"2026-04-10T04:24:53.803029Z","published":"2021-07-14T22:15:10.490Z","references":[{"type":"FIX","url":"https://github.com/radareorg/radare2-extras/pull/255"},{"type":"FIX","url":"https://github.com/radareorg/radare2-extras/pull/255/commits/4a8b24475549ff10bdf6d07fd4b5f6c1cc6246ea"},{"type":"FIX","url":"https://github.com/radareorg/radare2-extras/pull/255/commits/9f6a221433964d9b14f3ed78bc9fb059395b893b"},{"type":"ARTICLE","url":"https://cwe.mitre.org/data/definitions/122.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/radareorg/radare2-extras","events":[{"introduced":"0"},{"fixed":"184a769b903842a160081477c8d9dd64b1efc7e2"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"5.1.0"}]}}],"versions":["0.10.0","0.10.2","0.10.4","0.10.5","0.10.6","1.0","1.1.0","1.2.0","1.3.0","1.4.0","1.5.0","1.6.0","2.0.0","2.1.0","2.2.0","2.3.0","2.4.0","2.5.0","2.6.0","2.7.0","2.8.0","2.9.0","3.0.1","3.1.0","3.3.0","3.4.0","3.5.0","3.6.0","3.7.0","3.9.0","4.0.0","4.3.0","4.4.0","d"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-24133.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}