VulnerableCode Package Details - pkg:alpm/archlinux/clamav@0.102.1-1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:alpm/archlinux/clamav@0.102.1-1

Essentials
History (2)

purl	pkg:alpm/archlinux/clamav@0.102.1-1

Next non-vulnerable version	0.102.3-1
Latest non-vulnerable version	1.4.3-1
Risk	4.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-qtgd-uwy8-ffaw Aliases: CVE-2020-7613 GHSA-5v25-xr56-phph	Clamscan vulnerable to command injection clamscan through 1.2.0 is vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the `_is_clamav_binary` function located within `Index.js`. It should be noted that this vulnerability requires a pre-requisite that a folder should be created with the same command that will be chained to execute. This lowers the risk of this issue.	0.102.3-1 Affected by 0 other vulnerabilities.
VCID-u3pj-kant-effb Aliases: CVE-2020-3123	Multiple vulnerabilities have been found in ClamAV, the worst of which could result in a Denial of Service condition.	0.102.3-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T18:25:49.284865+00:00	Arch Linux Importer	Affected by	VCID-u3pj-kant-effb	https://security.archlinux.org/AVG-1168	38.0.0
2026-04-01T18:25:49.256598+00:00	Arch Linux Importer	Affected by	VCID-qtgd-uwy8-ffaw	https://security.archlinux.org/AVG-1168	38.0.0