AVG-2722 log

Package clamav
Status Fixed
Severity High
Type multiple issues
Affected 0.104.2-1
Fixed 0.105.0-1
Current 1.4.1-1 [extra]
Ticket None
Created Wed May 18 18:29:12 2022
Issue Severity Remote Type Description
CVE-2022-20803 Unknown Yes Arbitrary code execution
possible double-free vulnerability in the OLE2 file parser
CVE-2022-20796 Medium Unknown Unknown
possible NULL-pointer dereference crash in the scan verdict cache check
CVE-2022-20792 Unknown Yes Arbitrary code execution
possible multi-byte heap buffer overflow write vulnerability in the signature database load module
CVE-2022-20785 High Yes Denial of service
possible memory leak in the HTML file parser / Javascript normalizer
CVE-2022-20771 High Yes Denial of service
possible infinite loop vulnerability in the TIFF file parser. The issue only occurs if the "--alert-broken-media" ClamScan option is enabled. For ClamD, the...
CVE-2022-20770 High Yes Denial of service
possible infinite loop vulnerability in the CHM file parser
References
https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html