Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-20234

Опубликовано: 18 июн. 2025
Источник: nvd
CVSS3: 5.3
CVSS3: 7.5
EPSS Низкий

Описание

A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability by submitting a crafted file containing UDF content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software. For a description of this vulnerability, see the .

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*
Версия от 1.2.0 (включая) до 1.4.3 (исключая)
Конфигурация 2

Одно из

cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*
Версия до 1.26.1 (исключая)
cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*
Версия до 1.26.1 (исключая)
cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*
Версия до 7.5.21 (исключая)
cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*
Версия от 8.0.1.21160 (включая) до 8.4.5 (исключая)
cpe:2.3:a:cisco:secure_endpoint_private_cloud:*:*:*:*:*:*:*:*
Версия до 4.2.2 (исключая)

EPSS

Процентиль: 29%
0.00104
Низкий

5.3 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-125

Связанные уязвимости

ubuntu логотип

CVE-2025-20234

CVSS3: 5.3
ubuntu
2 месяца назад

A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability by submitting a crafted file containing UDF content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software. For a description of this vulnerability, see the .

debian логотип

CVE-2025-20234

CVSS3: 5.3
debian
2 месяца назад

A vulnerability in Universal Disk Format (UDF) processing of ClamAV co ...

github логотип

GHSA-xwph-f2wp-xxgp

CVSS3: 5.3
github
2 месяца назад

A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability by submitting a crafted file containing UDF content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software. For a description of this vulnerability, see the .

fstec логотип

BDU:2025-08727

CVSS3: 5.3
fstec
2 месяца назад

Уязвимость компонента ClamAV программного обеспечения для защиты от вредоносных программ Cisco Secure Endpoint Connector, позволяющая нарушителю вызвать отказ в обслуживании

suse-cvrf логотип

SUSE-SU-2025:02201-1

suse-cvrf
около 2 месяцев назад

Security update for clamav

EPSS

Процентиль: 29%
0.00104
Низкий

5.3 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-125