FKIE_CVE-2024-20380

Vulnerability from fkie_nvd - Published: 2024-04-18 20:15 - Updated: 2025-07-23 15:08
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the HTML parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an issue in the C to Rust foreign function interface. An attacker could exploit this vulnerability by submitting a crafted file containing HTML content to be scanned by ClamAV on an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.
References
psirt@cisco.comhttps://blog.clamav.net/2024/04/clamav-131-123-106-patch-versions.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://blog.clamav.net/2024/04/clamav-131-123-106-patch-versions.htmlVendor Advisory
Impacted products
Vendor Product Version
clamav clamav 1.3.0
clamav clamav 1.3.0
clamav clamav 1.3.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clamav:clamav:1.3.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "C3ACEAD4-CF16-48BD-A344-B427B017219C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:1.3.0:rc:*:*:*:*:*:*",
              "matchCriteriaId": "03381195-B417-4D4D-BB35-284E35652BB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clamav:clamav:1.3.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "6BEAF0FC-6347-47F5-A865-87AAB4F6D64C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the HTML parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r\nThe vulnerability is due to an issue in the C to Rust foreign function interface. An attacker could exploit this vulnerability by submitting a crafted file containing HTML content to be scanned by ClamAV on an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en el analizador HTML de ClamAV podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad se debe a un problema en la interfaz de funci\u00f3n externa de C a Rust. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un archivo manipulado que contenga contenido HTML para que ClamAV lo analice en un dispositivo afectado. Un exploit podr\u00eda permitir al atacante provocar que finalice el proceso de escaneo de ClamAV, lo que resultar\u00eda en una condici\u00f3n DoS en el software afectado."
    }
  ],
  "id": "CVE-2024-20380",
  "lastModified": "2025-07-23T15:08:46.247",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-04-18T20:15:17.520",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://blog.clamav.net/2024/04/clamav-131-123-106-patch-versions.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://blog.clamav.net/2024/04/clamav-131-123-106-patch-versions.html"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-475"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.