CVE-2018-19976

Published December 17th, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.3

MEDIUM

Affected

PROJECTS

Description

In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the design of the YARA virtual machine.

VirusTotal/yara

The pattern matching swiss knife

GitHub

9.65K

bnbdr/swisscheese

Exploits for YARA 3.7.1 & 3.8.1

GitHub