Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2024-20380

Опубликовано: 18 апр. 2024
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 7.5

Описание

A vulnerability in the HTML parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an issue in the C to Rust foreign function interface. An attacker could exploit this vulnerability by submitting a crafted file containing HTML content to be scanned by ClamAV on an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.

РелизСтатусПримечание
devel

not-affected

1.3.0 only
esm-infra-legacy/trusty

not-affected

1.3.0 only
esm-infra/bionic

not-affected

1.3.0 only
esm-infra/focal

not-affected

1.3.0 only
esm-infra/xenial

not-affected

1.3.0 only
focal

not-affected

1.3.0 only
jammy

not-affected

1.3.0 only
mantic

not-affected

1.3.0 only
noble

not-affected

1.3.0 only
trusty/esm

not-affected

1.3.0 only

Показывать по

Ссылки на источники

EPSS

Процентиль: 65%
0.005
Низкий

7.5 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2024-20380

CVSS3: 7.5
nvd
почти 2 года назад

A vulnerability in the HTML parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an issue in the C to Rust foreign function interface. An attacker could exploit this vulnerability by submitting a crafted file containing HTML content to be scanned by ClamAV on an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.

debian логотип

CVE-2024-20380

CVSS3: 7.5
debian
почти 2 года назад

A vulnerability in the HTML parser of ClamAV could allow an unauthenti ...

github логотип

GHSA-m2rv-2ggp-66m7

CVSS3: 7.5
github
почти 2 года назад

A vulnerability in the HTML parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an issue in the C to Rust foreign function interface. An attacker could exploit this vulnerability by submitting a crafted file containing HTML content to be scanned by ClamAV on an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.

fstec логотип

BDU:2024-03114

CVSS3: 7.5
fstec
почти 2 года назад

Уязвимость анализатора HTML-кода пакета антивирусных программ ClamAV, позволяющая нарушителю вызвать отказ в обслуживании

suse-cvrf логотип

SUSE-SU-2025:0328-1

suse-cvrf
около 1 года назад

Security update for clamav

EPSS

Процентиль: 65%
0.005
Низкий

7.5 High

CVSS3