{"id":"CVE-2018-19974","details":"In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack (not the YARA virtual stack).","modified":"2026-03-14T09:28:50.662564Z","published":"2018-12-17T19:29:01.080Z","references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DFFXDAMP6GJ337LIOTVF5I4T6QGMN3ZR/"},{"type":"REPORT","url":"https://github.com/VirusTotal/yara/issues/999"},{"type":"EVIDENCE","url":"https://bnbdr.github.io/posts/extracheese/"},{"type":"EVIDENCE","url":"https://github.com/bnbdr/swisscheese/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/virustotal/yara","events":[{"introduced":"0"},{"last_affected":"309894830a5f9ff8cc22155d7719ea608de7bc9d"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.8.1"}]}}],"versions":["v2.0.0","v2.1.0","v3.0.0","v3.1.0","v3.2.0","v3.3.0","v3.4.0","v3.6.0","v3.7.0","v3.8.0","v3.8.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19974.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}]}