Information on source package yara

Available versions

ReleaseVersion
buster3.9.0-1
bullseye4.0.5-1
bookworm4.2.3-1
sid4.2.3-1

Open issues

BugbusterbullseyebookwormsidDescription
CVE-2021-45429vulnerable (no DSA)vulnerable (no DSA)fixedfixedA Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 6 ...
CVE-2021-3402vulnerable (no DSA)fixedfixedfixedAn integer overflow and several buffer overflow reads in libyara/modul ...

Open unimportant issues

BugbusterbullseyebookwormsidDescription
CVE-2019-19648vulnerablevulnerablevulnerablevulnerableIn the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, ...

Resolved issues

BugDescription
CVE-2019-5020An exploitable denial of service vulnerability exists in the object lo ...
CVE-2018-19976In YARA 3.8.1, bytecode in a specially crafted compiled rule is expose ...
CVE-2018-19975In YARA 3.8.1, bytecode in a specially crafted compiled rule can read ...
CVE-2018-19974In YARA 3.8.1, bytecode in a specially crafted compiled rule can read ...
CVE-2018-12035In YARA 3.7.1 and prior, parsing a specially crafted compiled rule fil ...
CVE-2018-12034In YARA 3.7.1 and prior, parsing a specially crafted compiled rule fil ...
CVE-2017-11328Heap buffer overflow in the yr_object_array_set_item() function in obj ...
CVE-2017-9465The yr_arena_write_data function in YARA 3.6.1 allows remote attackers ...
CVE-2017-9438libyara/re.c in the regexp module in YARA 3.5.0 allows remote attacker ...
CVE-2017-9304libyara/re.c in the regexp module in YARA 3.5.0 allows remote attacker ...
CVE-2017-8929The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allo ...
CVE-2017-8294libyara/re.c in the regex component in YARA 3.5.0 allows remote attack ...
CVE-2017-5924libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a den ...
CVE-2017-5923libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a den ...
CVE-2016-10211libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a den ...
CVE-2016-10210libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denia ...

Search for package or bug name: Reporting problems