Description

A vulnerability in the HTML parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an issue in the C to Rust foreign function interface. An attacker could exploit this vulnerability by submitting a crafted file containing HTML content to be scanned by ClamAV on an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.

INFO

Published Date :

2024-04-18T19:19:21.423Z

Last Modified :

2024-08-01T21:59:41.788Z

Source :

cisco
AFFECTED PRODUCTS

The following products are affected by CVE-2024-20380 vulnerability.

Vendors Products
Clamav
  • Clamav
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-20380.

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact