CVE-2024-20328

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-20328

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-20328.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-20328

Downstream

DEBIAN-CVE-2024-20328

UBUNTU-CVE-2024-20328

Related

Published

2024-03-01T21:15:07Z

Modified

2025-09-24T12:19:47.157317Z

Summary

[none]

Details

A vulnerability in the VirusEvent feature of ClamAV could allow a local attacker to inject arbitrary commands with the privileges of the application service account.The vulnerability is due to unsafe handling of file names. A local attacker could exploit this vulnerability by supplying a file name containing command-line sequences. When processed on a system using configuration options for the VirusEvent feature, the attacker could cause the application to execute arbitrary commands. ClamAV has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

References

https://blog.clamav.net/2023/11/clamav-130-122-105-released.html

Affected packages

Git / github.com/cisco-talos/clamav

Affected ranges

Type: GIT
Repo: https://github.com/cisco-talos/clamav
Events: Introduced

09f373f82ad0978e267cc9b795aa93d7f8e8b7d2

Fixed

81ee14af95518106dcc6fc0c2c9f69165805df1b

Affected versions

clamav-1.*

clamav-1.0.0

clamav-1.0.1

clamav-1.0.2

clamav-1.0.3

clamav-1.0.4