FreeBSD ECAFC4AF-FE8A-11EE-890C-08002784C58D
Apr 17, 2024 - 12:00 a.m.

clamav -- Possible crash in the HTML file parser that could cause a denial-of-service (DoS) condition

2024-04-17 00:00:00
vuxml.freebsd.org
Tags: clamav, vulnerability, html, parser, denial of service, exploit, scanning, process, dos, condition, unix

CVSS3: 7.5 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score: 7.2 High (Confidence: High)
EPSS: 0.0004 Low (Percentile: 9.0%)

Błażej Pawłowski reports:

    A vulnerability in the HTML parser of ClamAV could allow
    an unauthenticated, remote attacker to cause a denial of
    service (DoS) condition on an affected device. The
    vulnerability is due to an issue in the C to Rust foreign
    function interface. An attacker could exploit this
    vulnerability by submitting a crafted file containing HTML
    content to be scanned by ClamAV on an affected device. An
    exploit could allow the attacker to cause the ClamAV
    scanning process to terminate, resulting in a DoS
    condition on the affected software.

OS       OS Version  Architecture  Package  Package Version  Filename
FreeBSD  any         noarch        clamav   = 1.3.0,1        UNKNOWN
FreeBSD  any         noarch        clamav   < 1.3.1,1        UNKNOWN
