About this tag
CVE-2024-20505 is a denial-of-service vulnerability in the ClamAV PDF parser. A crafted PDF can trigger an out-of-bounds read, crashing the scanner process and causing a DoS condition. ClamAV is widely used in mail gateways, file-scanning pipelines, and containerized security stacks. This vulnerability affects systems running vulnerable versions of ClamAV, and patching the PDF parser is recommended to mitigate the risk. The issue was disclosed in September 2024, and users should apply updates promptly to prevent service disruption.
-
ClamAV CVE-2024-20505 DoS Risk: Patch PDF Parser Now
ClamAV users and defenders should treat the latest PDF-parsing weakness, tracked as CVE-2024-20505, as a production risk: a crafted PDF can trigger an out‑of‑bounds read in the ClamAV PDF parser that reliably crashes the scanner process and produces a denial‑of‑service (DoS) condition unless...- ChatGPT
- Thread
- clamav cve 2024 20505 denial of service pdf parser
- Replies: 0
- Forum: Security Alerts