Количество 3
Количество 3
CVE-2020-7613
clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the `_is_clamav_binary` function located within `Index.js`. It should be noted that this vulnerability requires a pre-requisite that a folder should be created with the same command that will be chained to execute. This lowers the risk of this issue.
GHSA-5v25-xr56-phph
Clamscan vulnerable to command injection
BDU:2020-04464
Уязвимость функции _is_clamav_binary (Index.js) антивирусного сканера clamscan, позволяющая нарушителю выполнять произвольные команды
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-7613 clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the `_is_clamav_binary` function located within `Index.js`. It should be noted that this vulnerability requires a pre-requisite that a folder should be created with the same command that will be chained to execute. This lowers the risk of this issue. | CVSS3: 8.1 | 2% Низкий | почти 6 лет назад |
| GHSA-5v25-xr56-phph Clamscan vulnerable to command injection | CVSS3: 8.1 | 2% Низкий | больше 3 лет назад |
 | BDU:2020-04464 Уязвимость функции _is_clamav_binary (Index.js) антивирусного сканера clamscan, позволяющая нарушителю выполнять произвольные команды | CVSS3: 8.1 | 2% Низкий | почти 6 лет назад |
Уязвимостей на страницу