OSV-2023-640

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/clamav/OSV-2023-640.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2023-640
Published
2023-08-04T14:00:55.352181Z
Modified
2023-08-17T14:21:56.675468Z
Summary
Stack-buffer-overflow in initialize_encryption_key
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61039

Crash type: Stack-buffer-overflow READ {*}
Crash state:
initialize_encryption_key
cli_ole2_extract
cli_scanole2
References

Affected packages

OSS-Fuzz / clamav

Package

Name
clamav
Purl
pkg:generic/clamav

Affected ranges

Type
GIT
Repo
https://github.com/Cisco-Talos/clamav.git
Events

Affected versions

clamav-1.*
clamav-1.0.0
clamav-1.0.0-rc
clamav-1.0.0-rc2
clamav-1.0.1
clamav-1.0.2
clamav-1.1.0
clamav-1.1.0-rc
clamav-1.1.1

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

source
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/clamav/OSV-2023-640.yaml"