OSV-2017-54

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/yara/OSV-2017-54.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2017-54
Published
2021-01-13T21:56:24.033170Z
Modified
2022-04-13T03:04:42.254202Z
Summary
Use-of-uninitialized-value in macho_parse_file_32_be
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4375

Crash type: Use-of-uninitialized-value
Crash state:
macho_parse_file_32_be
macho__load
yr_modules_load
References

Affected packages

OSS-Fuzz / yara

Package

Name
yara
Purl
pkg:generic/yara

Affected ranges

Type
GIT
Repo
https://github.com/VirusTotal/yara.git
Events
Introduced
0c57f0bd66a118c62e43c0a7da57a3d8134fe168
Fixed
300374fe169ee100320aee70ed9c846650be4b3b

Affected versions

v3.*

v3.7.1

Ecosystem specific 

{
    "severity": "MEDIUM",
    "introduced_range": "a43780c9071e21cfe7bab7223605db29114f20f8:ef44bab295be6f205b1f4c7aa44cb00abc66f024"
}