CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-20770

On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.7%

CVSS Severity

CVSS v3 Score 8.6

CVSS v2 Score 7.8

References

Products affected by CVE-2022-20770

Cisco » Secure Endpoint » Version: N/A

cpe:2.3:a:cisco:secure_endpoint:-
Cisco » Secure Endpoint » Version: 1.18.0

cpe:2.3:a:cisco:secure_endpoint:1.18.0
Cisco » Secure Endpoint » Version: 1.18.1

cpe:2.3:a:cisco:secure_endpoint:1.18.1
Cisco » Secure Endpoint » Version: 6.0.7

cpe:2.3:a:cisco:secure_endpoint:6.0.7
Cisco » Secure Endpoint » Version: 6.0.9

cpe:2.3:a:cisco:secure_endpoint:6.0.9
Cisco » Secure Endpoint » Version: 6.1.5

cpe:2.3:a:cisco:secure_endpoint:6.1.5
Cisco » Secure Endpoint » Version: 6.1.7

cpe:2.3:a:cisco:secure_endpoint:6.1.7
Cisco » Secure Endpoint » Version: 6.1.9

cpe:2.3:a:cisco:secure_endpoint:6.1.9
Cisco » Secure Endpoint » Version: 6.2.1

cpe:2.3:a:cisco:secure_endpoint:6.2.1
Cisco » Secure Endpoint » Version: 6.2.19

cpe:2.3:a:cisco:secure_endpoint:6.2.19
Cisco » Secure Endpoint » Version: 6.2.3

cpe:2.3:a:cisco:secure_endpoint:6.2.3
Cisco » Secure Endpoint » Version: 6.2.5

cpe:2.3:a:cisco:secure_endpoint:6.2.5
Cisco » Secure Endpoint » Version: 6.2.9

cpe:2.3:a:cisco:secure_endpoint:6.2.9
Cisco » Secure Endpoint » Version: 6.3.1

cpe:2.3:a:cisco:secure_endpoint:6.3.1
Cisco » Secure Endpoint » Version: 6.3.3

cpe:2.3:a:cisco:secure_endpoint:6.3.3
Cisco » Secure Endpoint » Version: 6.3.5

cpe:2.3:a:cisco:secure_endpoint:6.3.5
Cisco » Secure Endpoint » Version: 6.3.7

cpe:2.3:a:cisco:secure_endpoint:6.3.7
Cisco » Secure Endpoint » Version: 7.0.5

cpe:2.3:a:cisco:secure_endpoint:7.0.5
Cisco » Secure Endpoint » Version: 7.1.1

cpe:2.3:a:cisco:secure_endpoint:7.1.1
Cisco » Secure Endpoint » Version: 7.1.5

cpe:2.3:a:cisco:secure_endpoint:7.1.5
Cisco » Secure Endpoint » Version: 7.2.11

cpe:2.3:a:cisco:secure_endpoint:7.2.11
Cisco » Secure Endpoint » Version: 7.2.13

cpe:2.3:a:cisco:secure_endpoint:7.2.13
Cisco » Secure Endpoint » Version: 7.2.3

cpe:2.3:a:cisco:secure_endpoint:7.2.3
Cisco » Secure Endpoint » Version: 7.2.5

cpe:2.3:a:cisco:secure_endpoint:7.2.5
Cisco » Secure Endpoint » Version: 7.2.7

cpe:2.3:a:cisco:secure_endpoint:7.2.7
Cisco » Secure Endpoint » Version: 7.3.1

cpe:2.3:a:cisco:secure_endpoint:7.3.1
Cisco » Secure Endpoint » Version: 7.3.3

cpe:2.3:a:cisco:secure_endpoint:7.3.3
Cisco » Secure Endpoint » Version: 7.3.5

cpe:2.3:a:cisco:secure_endpoint:7.3.5
Cisco » Secure Endpoint » Version: 7.3.9

cpe:2.3:a:cisco:secure_endpoint:7.3.9
Clamav » Clamav » Version: N/A

cpe:2.3:a:clamav:clamav:-
Clamav » Clamav » Version: 0.103.0

cpe:2.3:a:clamav:clamav:0.103.0
Clamav » Clamav » Version: 0.103.1

cpe:2.3:a:clamav:clamav:0.103.1
Clamav » Clamav » Version: 0.103.2

cpe:2.3:a:clamav:clamav:0.103.2
Clamav » Clamav » Version: 0.103.3

cpe:2.3:a:clamav:clamav:0.103.3
Clamav » Clamav » Version: 0.103.4

cpe:2.3:a:clamav:clamav:0.103.4
Clamav » Clamav » Version: 0.103.5

cpe:2.3:a:clamav:clamav:0.103.5
Clamav » Clamav » Version: 0.104.0

cpe:2.3:a:clamav:clamav:0.104.0
Clamav » Clamav » Version: 0.104.1

cpe:2.3:a:clamav:clamav:0.104.1
Clamav » Clamav » Version: 0.104.2

cpe:2.3:a:clamav:clamav:0.104.2
Debian » Debian Linux » Version: 9.0

cpe:2.3:o:debian:debian_linux:9.0
Fedoraproject » Fedora » Version: 34

cpe:2.3:o:fedoraproject:fedora:34
Fedoraproject » Fedora » Version: 35

cpe:2.3:o:fedoraproject:fedora:35
Fedoraproject » Fedora » Version: 36

cpe:2.3:o:fedoraproject:fedora:36

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-20770

Products

Pricing

Contact Us