OSV-2022-510

Import Source

JSON Data

https://api.osv.dev/v1/vulns/OSV-2022-510

Published

2022-06-26T00:00:24.389136Z

Modified

2022-06-26T00:00:24.389364Z

Summary

Heap-buffer-overflow in read_blob_signed

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=48329

Crash type: Heap-buffer-overflow READ 4
Crash state:
read_blob_signed
parse_signature_type
parse_signature_type

References

Affected packages

Type: GIT
Repo: https://github.com/VirusTotal/yara.git
Events: Introduced

15ec337e041791d5a354c8a3ec7729ab5af6adf4

Fixed

86b0e3f7c7fc2c689db88972221b5d4da1c7214f

{
    "severity": "HIGH"
}

source

"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/yara/OSV-2022-510.yaml"