OSV-2024-264

Import Source

https://github.com/google/oss-fuzz-vulns/blob/main/vulns/clamav/OSV-2024-264.yaml

Published

2024-04-17T00:06:11.717243Z

Modified

2024-04-29T11:34:58.355901Z

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67953

Crash type: UNKNOWN READ
Crash state:
cli_html_normalise
html_normalise_map
cli_scanhtml

References

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67953

Affected packages

OSS-Fuzz / clamav

Package

Name: clamav

Affected ranges

Type: GIT
Repo: https://github.com/Cisco-Talos/clamav.git
Events: Introduced

ebd30d7dbedbddb8d7450e75d6a4fcddddfc9953

Fixed

6e1afbbb6255ccd51ce802d58fd1a421f4604794

Fixed

b52bdddb5301782e8e73ee3e70e289c1976a8639

Affected versions

clamav-1.*

clamav-1.3.0

clamav-1.3.0-rc

clamav-1.3.0-rc2

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

{
    "introduced_range": "47c079f15f9d6af26aee580f61f70a41966a5309:86ba9bc8ce0e3beb476a7c95b5a9047407e91e5a",
    "fixed_range": "07900fb67374715f321ae0c4a742a41b85f94f18:6e1afbbb6255ccd51ce802d58fd1a421f4604794"
}