7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.6 Medium
AI Score
Confidence
High
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.017 Low
EPSS
Percentile
87.5%
software: clamav 0.103.8
WASP: ROSA-CHROME
package_evr_string: clamav-0.103.8-1.src.rpm
CVE-ID: CVE-2022-20698
BDU-ID: 2022-00587
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the Clam AntiVirus software package is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker acting remotely to perform a denial of service by sending a specially generated OOXML file
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update clamav
CVE-ID: CVE-2022-20785
BDU-ID: 2022-02932
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the scanning library of the ClamAV antivirus suite and Cisco AMP endpoint malware protection tool is related to memory release errors in the parsing of HTML files. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update clamav
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.6 Medium
AI Score
Confidence
High
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.017 Low
EPSS
Percentile
87.5%