GHSA-qmr8-5qxx-8j5h

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD.

Ссылки

EPSS

Процентиль: 49%

0.00255

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2018-19975

Дефекты

CWE-125

Связанные уязвимости

CVE-2018-19975

CVSS3: 5.5

ubuntu

около 7 лет назад

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD.

CVE-2018-19975

CVSS3: 5.5

nvd

около 7 лет назад

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD.

CVE-2018-19975

CVSS3: 5.5

debian

около 7 лет назад

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read ...

EPSS

Процентиль: 49%

0.00255

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2018-19975

Дефекты

CWE-125