rpm package
opensuse/yara&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/yara&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-9304 | Hig | 7.5 | < 4.1.1-1.2 | 4.1.1-1.2 | May 31, 2017 | libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule that is mishandled in the _yr_re_emit function. | |
| CVE-2017-8294 | Hig | 7.5 | < 4.1.1-1.2 | 4.1.1-1.2 | Apr 27, 2017 | libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_exec function. | |
| CVE-2016-10210 | Hig | 7.5 | < 4.1.1-1.2 | 4.1.1-1.2 | Apr 3, 2017 | libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function. |
- affected < 4.1.1-1.2fixed 4.1.1-1.2
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule that is mishandled in the _yr_re_emit function.
- affected < 4.1.1-1.2fixed 4.1.1-1.2
libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_exec function.
- affected < 4.1.1-1.2fixed 4.1.1-1.2
libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function.