Lucene search

K

GoogleOSV:CVE-2021-3402

HistoryMay 14, 2021 - 9:15 p.m.

CVE-2021-3402

2021-05-1421:15:07

Google

osv.dev

4

7.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.5%

An integer overflow and several buffer overflow reads in libyara/modules/macho/macho.c in YARA v4.0.3 and earlier could allow an attacker to either cause denial of service or information disclosure via a malicious Mach-O file. Affects all versions before libyara 4.0.4

CPENameOperatorVersion
yaraeq4.0.0-rc1
yaraeq3.0.0
yaraeq3.9.0
yaraeq4.0.0-rc2
yaraeq3.4.0
yaraeq4.0.3
yaraeq3.3.0
yaraeq3.2.0
yaraeq4.0.0-rc3
yaraeq3.1.0

Rows per page:

1-10 of 221

References

bugzilla.redhat.com/show_bug.cgi?id=1930175

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FKNXSH5ERG6NELTXCYVJLUPJJJ2TNEBD/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XXM224OLGI6KAOROLDPPGGCZ2OQVQ6HH/

www.openwall.com/lists/oss-security/2021/01/29/2

www.x41-dsec.de/lab/advisories/x41-2021-001-yara/

7.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.5%

Related for OSV:CVE-2021-3402

cve1 debiancve1 prion1 ubuntucve1 veracode1 rosalinux1 nvd1 cvelist1 fedora4 openvas4