ClamAV HTML Parser Vulnerability Could Lead to Denial of Service
CVE-2024-20380

Currently unrated

Key Information:

Vendor

ClamAV

Vendor
CVE Published:
18 April 2024

Badges

đź“° News Worthy

What is CVE-2024-20380?

A vulnerability in the HTML parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an issue in the C to Rust foreign function interface. An attacker could exploit this vulnerability by submitting a crafted file containing HTML content to be scanned by ClamAV on an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.

News Articles

favicon imageCyber Security Informer

Top Cyber Security Informer Penetration Testing Artificial Intelligence Content for Week of Apr 13 - Apr 19, 2024

Best content around Penetration Testing Artificial Intelligence selected by the Cyber Security Informer community.

References

https://blog.clamav.net/2024/04/clamav-131-123-106-patch-...

Timeline

  • đź“°

    First article discovered by Cyber Security Informer

  • Vulnerability published

.