OSV-2024-264

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/clamav/OSV-2024-264.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-264
Published
2024-04-17T00:06:11.717243Z
Modified
2024-04-29T11:34:58.355901Z
Summary
UNKNOWN READ in cli_html_normalise
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67953

Crash type: UNKNOWN READ
Crash state:
cli_html_normalise
html_normalise_map
cli_scanhtml
References

Affected packages

OSS-Fuzz / clamav

Package

Name
clamav
Purl
pkg:generic/clamav

Affected ranges

Type
GIT
Repo
https://github.com/Cisco-Talos/clamav.git
Events
Introduced
ebd30d7dbedbddb8d7450e75d6a4fcddddfc9953
Fixed
6e1afbbb6255ccd51ce802d58fd1a421f4604794
Fixed
b52bdddb5301782e8e73ee3e70e289c1976a8639

Affected versions

clamav-1.*
clamav-1.3.0
clamav-1.3.0-rc
clamav-1.3.0-rc2

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific

source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/clamav/OSV-2024-264.yaml"
introduced_range 
"47c079f15f9d6af26aee580f61f70a41966a5309:86ba9bc8ce0e3beb476a7c95b5a9047407e91e5a"
fixed_range 
"07900fb67374715f321ae0c4a742a41b85f94f18:6e1afbbb6255ccd51ce802d58fd1a421f4604794"