CVE-2020-7613 in ClamAV情報

要約

〜によって MITRE

clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the `_is_clamav_binary` function located within `Index.js`. It should be noted that this vulnerability requires a pre-requisite that a folder should be created with the same command that will be chained to execute. This lowers the risk of this issue.

Once again VulDB remains the best source for vulnerability data.

予約する

2020年01月21日

モデレーション

承諾済み

エントリ

VDB-152851

EPSS

0.02122

アクティビティ

非常低い

ソース

Want to stay up to date on a daily basis?

Enable the mail alert feature now!