Denial Of Service (DoS)

2022-01-1523:40:11

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.002 Low

EPSS

Percentile

64.9%

JSON

clamav is vulnerable to denial of service. The vulnerability exists because the user inputs are not properly validated which allows an attacker to send a specially crafted OOXML file and perform an application crash.

CPENameOperatorVersion
clamav:sideq0.103.0+dfsg-3
clamav:hirsuteeq0.103.2+dfsg-1
clamav:hirsuteeq0.103.0+dfsg-3
clamav:hirsuteeq0.103.0+dfsg-3.1
clamav:focaleq0.102.4+dfsg-0ubuntu0.20.04.1
clamav:focaleq0.102.2+dfsg-2ubuntu1
clamav:bioniceq0.99.4+addedllvm-0ubuntu1
clamav:bioniceq0.103.2+dfsg-0ubuntu0.18.04.2
clamav:bioniceq0.102.4+dfsg-0ubuntu0.18.04.1
clamav:sideq0.103.0+dfsg-3

Name	Operator	Version
clamav:sid	eq	0.103.0+dfsg-3
clamav:hirsute	eq	0.103.2+dfsg-1
clamav:hirsute	eq	0.103.0+dfsg-3
clamav:hirsute	eq	0.103.0+dfsg-3.1
clamav:focal	eq	0.102.4+dfsg-0ubuntu0.20.04.1
clamav:focal	eq	0.102.2+dfsg-2ubuntu1
clamav:bionic	eq	0.99.4+addedllvm-0ubuntu1
clamav:bionic	eq	0.103.2+dfsg-0ubuntu0.18.04.2
clamav:bionic	eq	0.102.4+dfsg-0ubuntu0.18.04.1
clamav:sid	eq	0.103.0+dfsg-3