CVE-2023-20197

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-20197
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-20197.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-20197
Downstream
Related
Published
2023-08-16T22:15:10.510Z
Modified
2026-02-17T07:40:18.334502Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability in the filesystem image parser for Hierarchical File System Plus (HFS+) of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

This vulnerability is due to an incorrect check for completion when a file is decompressed, which may result in a loop condition that could cause the affected software to stop responding. An attacker could exploit this vulnerability by submitting a crafted HFS+ filesystem image to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to stop responding, resulting in a DoS condition on the affected software and consuming available system resources.

For a description of this vulnerability, see the ClamAV blog .

References

Affected packages

Git / github.com/openprinting/cups-filters

Affected ranges

Type
GIT
Repo
https://github.com/openprinting/cups-filters
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
9d4b76bc778a77c3d984b002cb956b18deec2b63

Affected versions

Other
release-1-0
release-1-0-1
release-1-0-10
release-1-0-11
release-1-0-12
release-1-0-13
release-1-0-14
release-1-0-15
release-1-0-16
release-1-0-17
release-1-0-18
release-1-0-19
release-1-0-2
release-1-0-20
release-1-0-21
release-1-0-22
release-1-0-23
release-1-0-24
release-1-0-25
release-1-0-26
release-1-0-27
release-1-0-28
release-1-0-29
release-1-0-3
release-1-0-30
release-1-0-31
release-1-0-32
release-1-0-33
release-1-0-34
release-1-0-35
release-1-0-36
release-1-0-37
release-1-0-38
release-1-0-39
release-1-0-4
release-1-0-40
release-1-0-41
release-1-0-42
release-1-0-43
release-1-0-44
release-1-0-45
release-1-0-46
release-1-0-47
release-1-0-48
release-1-0-49
release-1-0-5
release-1-0-50
release-1-0-51
release-1-0-52
release-1-0-53
release-1-0-54
release-1-0-55
release-1-0-56
release-1-0-57
release-1-0-58
release-1-0-59
release-1-0-6
release-1-0-60
release-1-0-61
release-1-0-62
release-1-0-63
release-1-0-65
release-1-0-66
release-1-0-67
release-1-0-68
release-1-0-69
release-1-0-7
release-1-0-70
release-1-0-71
release-1-0-72
release-1-0-73
release-1-0-74
release-1-0-75
release-1-0-76
release-1-0-8
release-1-0-9
release-1-0-b1
release-1-1-0
release-1-10-0
release-1-11-0
release-1-11-1
release-1-11-2
release-1-11-3
release-1-11-4
release-1-11-5
release-1-11-6
release-1-12-0
release-1-13-0
release-1-13-1
release-1-13-2
release-1-13-3
release-1-13-4
release-1-13-5
release-1-14-0
release-1-14-1
release-1-15-0
release-1-16-0
release-1-16-1
release-1-16-2
release-1-16-3
release-1-16-4
release-1-17-1
release-1-17-2
release-1-17-3
release-1-17-4
release-1-17-5
release-1-17-6
release-1-17-7
release-1-17-8
release-1-17-9
release-1-18-0
release-1-19-0
release-1-2-0
release-1-20-0
release-1-20-1
release-1-20-2
release-1-20-3
release-1-20-4
release-1-21-0
release-1-21-1
release-1-21-2
release-1-21-3
release-1-21-4
release-1-21-5
release-1-21-6
release-1-3-0
release-1-4-0
release-1-5-0
release-1-6-0
release-1-7-0
release-1-8-0
release-1-8-1
release-1-8-2
release-1-8-3
release-1-9-0
release-1-17.*
release-1-17.0
v1.*
v1.17.9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-20197.json"