Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
libyara/re.c in the regex component in YARA 3.5.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted rule that is mishandled in the yr_re_exec function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
YARA regex组件安全漏洞
Vulnerability Description
YARA是一套用于帮助软件研究人员识别和分类恶意软件样本的工具。regex component是其中的一个正则表达式组件。 YARA 3.5.0版本中的regex组件的libyara/re.c文件存在安全漏洞。远程攻击者可利用该漏洞造成拒绝服务(越边界读取和应用程序崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A