USN-6303-2 clamav vulnerability

🗓️ 21 Aug 2023 16:38:51Reported by GoogleType

osv

osv🔗 osv.dev

ClamAV HFS+ parsing could crash and cause denial of service; update for Ubuntu fourteen four, sixteen four, eighteen four.

Reporter	Title	Published	Views	Family All 89
IBM Security Bulletins	Security Bulletin: Vulnerabilities in GNU Binutils, Bootstrap, PortSmash, Node.js, and libarchive might affect IBM Storage Defender – Data Protect.	18 Oct 202401:50	–	ibm
FreeBSD	clamav -- Possible denial of service vulnerability in the HFS+ file parser	15 Aug 202300:00	–	freebsd
Tenable Nessus	Amazon Linux 2023 : clamav, clamav-data, clamav-devel (ALAS2023-2023-331)	8 Sep 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : clamav (ALAS-2023-2233)	8 Sep 202300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : clamav (ALAS-2023-1820)	11 Sep 202300:00	–	nessus
Tenable Nessus	ClamAV < 0.103.9 / 1.0.x < 1.0.2 / 1.1.x < 1.1.1 DoS	4 Sep 202300:00	–	nessus
Tenable Nessus	Debian dla-3544 : clamav - security update	28 Aug 202300:00	–	nessus
Tenable Nessus	Fedora 37 : clamav (2023-9f948bec13)	27 Aug 202300:00	–	nessus
Tenable Nessus	Fedora 38 : clamav (2023-bf72d8833e)	22 Aug 202300:00	–	nessus
Tenable Nessus	FreeBSD : clamav -- Possible denial of service vulnerability in the HFS+ file parser (51a59f36-3c58-11ee-b32e-080027f5fec9)	17 Aug 202300:00	–	nessus

Source	Link
ubuntu	www.ubuntu.com/security/notices/USN-6303-2
ubuntu	www.ubuntu.com/security/CVE-2023-20197

20 May 2026 16:03Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.17.5

EPSS0.005

clamav vulnerability hfs plus parsing denial of service ubuntu update lts release