{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T14:43:52.912","vulnerabilities":[{"cve":{"id":"CVE-2024-53256","sourceIdentifier":"security-advisories@github.com","published":"2024-12-23T16:15:06.797","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Rizin is a UNIX-like reverse engineering framework and command-line toolset. `rizin.c` still had an old snippet of code which suffered a command injection due the usage of `rz_core_cmdf` to invoke the command `m` which was removed in v0.1.x. A malicious binary defining `bclass` (part of RzBinInfo) is executed if `rclass` (part of RzBinInfo) is set to `fs`; the vulnerability can be exploited by any bin format where `bclass` and `rclass` are user defined. This vulnerability is fixed in 0.7.4."},{"lang":"es","value":"Rizin es un framework de ingeniería inversa similar a UNIX y un conjunto de herramientas de línea de comandos. `rizin.c` todavía tenía un fragmento de código antiguo que sufrió una inyección de comando debido al uso de `rz_core_cmdf` para invocar el comando `m` que se eliminó en v0.1.x. Se ejecuta un binario malicioso que define `bclass` (parte de RzBinInfo) si `rclass` (parte de RzBinInfo) está configurado en `fs`; la vulnerabilidad puede ser explotada por cualquier formato bin donde `bclass` y `rclass` estén definidos por el usuario. Esta vulnerabilidad se solucionó en 0.7.4."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/rizinorg/rizin/blob/be24ca8879ed9c58f288bdf21c271b6294720da4/librz/main/rizin.c#L1275-L1278","source":"security-advisories@github.com"},{"url":"https://github.com/rizinorg/rizin/commit/db6c5b39c065ce719f587c9815c47fbb834b10fa","source":"security-advisories@github.com"},{"url":"https://github.com/rizinorg/rizin/security/advisories/GHSA-5jhc-frm4-p8v9","source":"security-advisories@github.com"}]}}]}