Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_parser_lookup_loop_variable function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
YARA 安全漏洞
Vulnerability Description
YARA是一套用于帮助软件研究人员识别和分类恶意软件样本的工具。regex component是其中的一个正则表达式组件。 YARA 3.5.0中的libyara/grammar.y文件存在安全漏洞。远程攻击者可利用该漏洞造成拒绝服务(释放后重用和应用程序崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A