Vulnetix
Try Vulnetix Request Demo
ALPINE-CVE-2019-1789 PUBLISHED CVSS 7.5 HIGH

ClamAV versions prior to 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking.

Risk Scores

CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Alpine:v3.10clamav0, 0.100.0-r0, 0.100.0-r1
Alpine:v3.6clamav0.99.4-r0, 0.99.2-r4, 0.99.2-r3
Alpine:v3.13clamav0.99-r1, 0, 0.100.0-r0
Alpine:v3.11clamav0, 0.99.4-r1, 0.99.4-r0
Alpine:v3.9clamav0.98.7-r0, 0.100.0-r0, 0.100.0-r1
Alpine:v3.8clamav0.98.1-r0, 0, 0.100.0-r0
Alpine:v3.7clamav0.98.6-r2, 0, 0.100.1-r0
Alpine:v3.12clamav0.98.4-r1, 0.99.4-r1, 0.99.4-r0

Timeline

References

Open in Interactive Console →