4.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
49.0%
ClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file.
www.securitytracker.com/id/1041367
blog.clamav.net/2018/07/clamav-01001-has-been-released.html
lists.debian.org/debian-lts-announce/2018/08/msg00020.html
security.gentoo.org/glsa/201904-12