Security vulnerability: Regex matching in ruleset #185
Comments
|
Thanks for the report. You can send an email with the details to security@peekabooav.de. |
|
We have received your detailed information. We have reproduced the issue and are working on a fix. I will make this issue confidential for now. It will be restored to public access for further tracking and documentation once a fix is released. If you have any further comments or details you can send them to security@peekabooav.de as before. Thank you! |
|
The issue has been fixed in development by commit a839b79. This change is part of release 2.0.1, available since yesterday afternoon at https://github.com/scVENUS/PeekabooAV/releases/tag/v2.0.1. Thanks for your report and detailed analysis, @mardom1. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We found a vulnerability in the way regex expressions are matched in rules.
What is the proper way to disclose such vulnerabilities?
The text was updated successfully, but these errors were encountered: