Vulnerabilities > CVE-2022-20770

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

NVD

Published: 2022-05-04

Updated: 2023-11-07

Summary

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.

Vulnerable Configurations

Part	Description	Count
Application	Clamav Clamav Clamav - Clamav Clamav 0.103.0 Clamav Clamav 0.103.1 Clamav Clamav 0.103.2 Clamav Clamav 0.103.3 Clamav Clamav 0.103.4 Clamav Clamav 0.104.0 Clamav Clamav 0.104.1	9
Application	Cisco Cisco Secure Endpoint - Cisco Secure Endpoint 1.18.0 Cisco Secure Endpoint 1.18.1	7
OS	Fedoraproject Fedoraproject Fedora 34 Fedoraproject Fedora 35 Fedoraproject Fedora 36	3
OS	Debian Debian Debian Linux 9.0	1

Vulnerabilities > CVE-2022-20770 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2022-20770"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2022-20770