OSV-2022-510

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/yara/OSV-2022-510.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2022-510
Published
2022-06-26T00:00:24.389136Z
Modified
2022-06-26T00:00:24.389364Z
Summary
Heap-buffer-overflow in read_blob_signed
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48329

Crash type: Heap-buffer-overflow READ 4
Crash state:
read_blob_signed
parse_signature_type
parse_signature_type
References

Affected packages

OSS-Fuzz / yara

Package

Name
yara
Purl
pkg:generic/yara

Affected ranges

Type
GIT
Repo
https://github.com/VirusTotal/yara.git
Events
Introduced
15ec337e041791d5a354c8a3ec7729ab5af6adf4
Fixed
86b0e3f7c7fc2c689db88972221b5d4da1c7214f

Ecosystem specific 

{
    "severity": "HIGH"
}