CVE-2021-27506

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-27506

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-27506.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-27506

Downstream

OESA-2021-1187

Published

2021-03-19T15:15:12.650Z

Modified

2026-04-10T04:31:33.628763Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 to 9.1.11 and SNS versions 1.0.0 to 4.2.0. This issue is fixed in SNS 3.7.19, 3.11.7 and 4.2.1.

References

Affected packages

Git / github.com/cisco-talos/clamav

Affected ranges

Type

GIT

Repo

https://github.com/cisco-talos/clamav

Events

Introduced

Last affected

e7f5f53737f51f3b8395c12b1f804dc6c2181169

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "0.103.1"
        }
    ]
}

Affected versions

clamav-0.*

clamav-0.101.0

clamav-0.102.0

clamav-0.103.0

clamav-0.103.0-rc

clamav-0.103.0-rc2

clamav-0.103.1

clamav-0.96

clamav-0.96.2

clamav-0.96.3

clamav-0.96.4

clamav-0.96.5

clamav-0.96rc1

clamav-0.96rc2

clamav-0.97

clamav-0.97rc

Other

merge-llvm-97877

r5076

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "9.1.0"
            },
            {
                "last_affected": "9.1.11"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "1.0"
            },
            {
                "last_affected": "4.2.0"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-27506.json"