CVE-2022-20785
First published: Wed May 04 2022(Updated: )
On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.
Credit: ykramarz@cisco.com ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Clamav Clamav | <0.103.5 | |
| Clamav Clamav | <=0.103.5 | |
| Clamav Clamav | >=0.104.0<0.104.2 | |
| Cisco Secure Endpoint | <1.16.3 | |
| Cisco Secure Endpoint | <1.17.2 | |
| Cisco Secure Endpoint | <7.5.5 | |
| Cisco Secure Endpoint | >=1.18.0<1.18.2 | |
| Cisco Secure Endpoint | >=1.18.0<1.18.2 | |
| Fedoraproject Fedora | =34 | |
| Fedoraproject Fedora | =35 | |
| Fedoraproject Fedora | =36 | |
| Debian Debian Linux | =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/
- https://security.gentoo.org/glsa/202310-01
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-html-XAuOK8mR
Frequently Asked Questions
What is CVE-2022-20785?
CVE-2022-20785 is a vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier.
What is the severity of CVE-2022-20785?
CVE-2022-20785 has a severity value of 7.5, which is classified as high.
What software is affected by CVE-2022-20785?
CVE-2022-20785 affects ClamAV versions 0.103.5 and earlier and 0.104.2 and earlier, as well as Cisco Secure Endpoint, Fedora, and Debian Linux.
How can I fix CVE-2022-20785?
To fix CVE-2022-20785, you should update ClamAV to a version that is not affected by the vulnerability.
Where can I find more information about CVE-2022-20785?
You can find more information about CVE-2022-20785 in the references provided: [Reference 1](https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html), [Reference 2](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/), [Reference 3](https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/)
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-api
- collector/nvd-index
- vendor/clamav
- canonical/clamav clamav
- version/clamav clamav/0.103.5
- version/clamav clamav/0.104.0
- vendor/cisco
- canonical/cisco secure endpoint
- version/cisco secure endpoint/1.18.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/34
- version/fedoraproject fedora/35
- version/fedoraproject fedora/36
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/9.0