CVE-2019-12625

CVSS 7.5 - HIGH

Description

ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.

Affected Products

Vendor	Product	Version
clamav	clamav	`All versions`

References

http://lists.opensuse.org/opensuse-security-announ...

https://blog.clamav.net/2019/08/clamav-01014-secur...

http://lists.opensuse.org/opensuse-security-announ...

https://blog.clamav.net/2019/08/clamav-01014-secur...

Weakness Types

CWE-400 CWE-404

CVE Information

CVE ID:: CVE-2019-12625
Published:: 2019-11-05
Modified:: 2024-11-21
CVSS Score:: 7.5
Severity:: HIGH
Vector:: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Vendors

clamav

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL