CVE-2020-37167 in ClamBCالمعلومات

الملخص

بحسب MITRE • 13/02/2026

ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name processing through the ClamBC bytecode interpreter that allows attackers to manipulate bytecode function names. Attackers can exploit the weak input validation in function name encoding to potentially execute malicious bytecode or cause unexpected behavior in the ClamAV engine.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

VulnCheck

حجز

06/02/2026

إفشاء

13/02/2026

الاعتدال

تمت الموافقة

إدخال

VDB-345855

CPE

جاهز

CWE

CWE-94 (مؤكد)

استغلال

تحميل

CVSS

8.4 (CNA)

EPSS

0.00007

KEV

لا

النشاطات

منخفض جدًا

القطاع

Government, Telecommunication, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2020-37167
NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-37167
CVE Details	https://www.cvedetails.com/cve/CVE-2020-37167/

التالي ▸نظرة عامة ◂ السابق

Interested in the pricing of exploits?

See the underground prices here!