{"url":"http://public2.vulnerablecode.io/api/packages/1049760?format=json","purl":"pkg:deb/debian/clamav@0.98.6%2Bdfsg-1","type":"deb","namespace":"debian","name":"clamav","version":"0.98.6+dfsg-1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.4.4+dfsg-1","latest_non_vulnerable_version":"1.4.4+dfsg-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48554?format=json","vulnerability_id":"VCID-1346-uavy-pbdb","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:55Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:55Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1787","reference_id":"","reference_type":"","scores":[{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90238","published_at":"2026-05-05T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.9016","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90193","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90198","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90207","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90206","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90201","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90219","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90216","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90229","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90226","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90157","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90172","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90177","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1787"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:55Z/"}],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1787"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:55Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1787","reference_id":"CVE-2019-1787","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1787"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:55Z/"}],"url":"https://security.gentoo.org/glsa/201904-12"},{"reference_url":"https://usn.ubuntu.com/3940-1/","reference_id":"USN-3940-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3940-1/"},{"reference_url":"https://usn.ubuntu.com/3940-2/","reference_id":"USN-3940-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3940-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-1787"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1346-uavy-pbdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61696?format=json","vulnerability_id":"VCID-2aju-u36p-gug9","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20796","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09544","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09497","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09409","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09483","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.0953","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09545","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09516","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09498","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09393","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09394","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09448","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09425","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09515","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09557","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.0959","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20796"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/","reference_id":"7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T15:58:27Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"},{"reference_url":"https://security.archlinux.org/AVG-2722","reference_id":"AVG-2722","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2722"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/","reference_id":"BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T15:58:27Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-vL9x58p4","reference_id":"cisco-sa-clamav-dos-vL9x58p4","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T15:58:27Z/"}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-vL9x58p4"},{"reference_url":"https://security.gentoo.org/glsa/202310-01","reference_id":"GLSA-202310-01","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T15:58:27Z/"}],"url":"https://security.gentoo.org/glsa/202310-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html","reference_id":"msg00004.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T15:58:27Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/","reference_id":"N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T15:58:27Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"},{"reference_url":"https://usn.ubuntu.com/5423-1/","reference_id":"USN-5423-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-1/"},{"reference_url":"https://usn.ubuntu.com/5423-2/","reference_id":"USN-5423-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049767?format=json","purl":"pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1"}],"aliases":["CVE-2022-20796"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2aju-u36p-gug9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93946?format=json","vulnerability_id":"VCID-32nc-x9aw-a3fb","summary":"ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:22:32Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:22:32Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12625","reference_id":"","reference_type":"","scores":[{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84292","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84153","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84237","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84262","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.8427","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84274","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.8414","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84171","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84173","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84195","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84201","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84219","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84214","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.8421","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84232","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84233","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12625"},{"reference_url":"https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:22:32Z/"}],"url":"https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12625","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12625"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934359","reference_id":"934359","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934359"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12625","reference_id":"CVE-2019-12625","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12625"},{"reference_url":"https://usn.ubuntu.com/4146-1/","reference_id":"USN-4146-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4146-1/"},{"reference_url":"https://usn.ubuntu.com/4146-2/","reference_id":"USN-4146-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4146-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-12625"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-32nc-x9aw-a3fb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/32129?format=json","vulnerability_id":"VCID-3rrt-vgz7-8bgz","summary":"Multiple vulnerabilities have been found in ClamAV, possibly\n    resulting in Denial of Service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2221","reference_id":"","reference_type":"","scores":[{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75318","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75322","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75354","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75332","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75376","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75385","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75405","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75384","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75372","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75414","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.7542","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.7541","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75444","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75454","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00881","scoring_system":"epss","scoring_elements":"0.75461","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2221"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2221","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2221"},{"reference_url":"https://security.gentoo.org/glsa/201512-08","reference_id":"GLSA-201512-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201512-08"},{"reference_url":"https://usn.ubuntu.com/2594-1/","reference_id":"USN-2594-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2594-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049762?format=json","purl":"pkg:deb/debian/clamav@0.99%2Bdfsg-0%2Bdeb6u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-3uwh-y2m1-nugc"},{"vulnerability":"VCID-4eva-e818-yfgq"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-8y9g-m17c-kyey"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-aagg-bbac-rfez"},{"vulnerability":"VCID-avvd-1gv9-eyb9"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-guz8-mfzu-uuc9"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-j2gt-uvam-hufk"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-ntvt-zdsj-1fgt"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-qwwa-mf8k-2fdc"},{"vulnerability":"VCID-seed-bera-73ez"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-u4qp-vcnh-c3dd"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-vqyc-hxfb-ufav"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-y3k7-e14w-xqbn"},{"vulnerability":"VCID-y5mg-rpf8-cbe7"},{"vulnerability":"VCID-zbkr-bd4m-77cs"},{"vulnerability":"VCID-zeub-1qhs-pyfh"},{"vulnerability":"VCID-zys1-2pnp-h3an"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.99%252Bdfsg-0%252Bdeb6u1"}],"aliases":["CVE-2015-2221"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3rrt-vgz7-8bgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36558?format=json","vulnerability_id":"VCID-3uwh-y2m1-nugc","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000085","reference_id":"","reference_type":"","scores":[{"value":"0.00699","scoring_system":"epss","scoring_elements":"0.72046","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00699","scoring_system":"epss","scoring_elements":"0.72059","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00699","scoring_system":"epss","scoring_elements":"0.71929","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00699","scoring_system":"epss","scoring_elements":"0.71936","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00699","scoring_system":"epss","scoring_elements":"0.71956","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00699","scoring_system":"epss","scoring_elements":"0.71933","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00699","scoring_system":"epss","scoring_elements":"0.71972","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00699","scoring_system":"epss","scoring_elements":"0.71984","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00699","scoring_system":"epss","scoring_elements":"0.72008","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00699","scoring_system":"epss","scoring_elements":"0.71991","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00699","scoring_system":"epss","scoring_elements":"0.71976","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00699","scoring_system":"epss","scoring_elements":"0.72017","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00699","scoring_system":"epss","scoring_elements":"0.72024","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00699","scoring_system":"epss","scoring_elements":"0.72009","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00699","scoring_system":"epss","scoring_elements":"0.72053","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000085"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-201803-14","reference_id":"ASA-201803-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-14"},{"reference_url":"https://security.archlinux.org/AVG-602","reference_id":"AVG-602","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-602"},{"reference_url":"https://security.gentoo.org/glsa/201804-16","reference_id":"GLSA-201804-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-16"},{"reference_url":"https://usn.ubuntu.com/3592-1/","reference_id":"USN-3592-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3592-1/"},{"reference_url":"https://usn.ubuntu.com/3592-2/","reference_id":"USN-3592-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3592-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049764?format=json","purl":"pkg:deb/debian/clamav@0.100.0%2Bdfsg-0%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.100.0%252Bdfsg-0%252Bdeb8u1"}],"aliases":["CVE-2018-1000085"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3uwh-y2m1-nugc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92863?format=json","vulnerability_id":"VCID-4eva-e818-yfgq","summary":"libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1405","reference_id":"","reference_type":"","scores":[{"value":"0.01827","scoring_system":"epss","scoring_elements":"0.8297","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01827","scoring_system":"epss","scoring_elements":"0.8299","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03819","scoring_system":"epss","scoring_elements":"0.88126","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03819","scoring_system":"epss","scoring_elements":"0.88131","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03819","scoring_system":"epss","scoring_elements":"0.88149","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03819","scoring_system":"epss","scoring_elements":"0.88155","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03819","scoring_system":"epss","scoring_elements":"0.8807","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03819","scoring_system":"epss","scoring_elements":"0.88086","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03819","scoring_system":"epss","scoring_elements":"0.88091","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03819","scoring_system":"epss","scoring_elements":"0.8811","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03819","scoring_system":"epss","scoring_elements":"0.88116","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03819","scoring_system":"epss","scoring_elements":"0.88061","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03819","scoring_system":"epss","scoring_elements":"0.88119","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03819","scoring_system":"epss","scoring_elements":"0.8812","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03819","scoring_system":"epss","scoring_elements":"0.88133","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1405"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog"},{"reference_url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa","reference_id":"","reference_type":"","scores":[],"url":"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa"},{"reference_url":"http://www.securityfocus.com/bid/90968","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/90968"},{"reference_url":"http://www.securitytracker.com/id/1035993","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035993"},{"reference_url":"http://www.securitytracker.com/id/1035994","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035994"},{"reference_url":"http://www.ubuntu.com/usn/USN-3093-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3093-1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:email_security_appliance:9.6.0-042:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:web_security_appliance:8.8.0-085:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:cisco:web_security_appliance:8.8.0-085:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:web_security_appliance:8.8.0-085:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:web_security_appliance:9.1.0-070:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:cisco:web_security_appliance:9.1.0-070:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:web_security_appliance:9.1.0-070:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:web_security_appliance:9.5.0-284:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:cisco:web_security_appliance:9.5.0-284:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:cisco:web_security_appliance:9.5.0-284:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1405","reference_id":"CVE-2016-1405","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1405"},{"reference_url":"https://usn.ubuntu.com/3093-1/","reference_id":"USN-3093-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3093-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049764?format=json","purl":"pkg:deb/debian/clamav@0.100.0%2Bdfsg-0%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.100.0%252Bdfsg-0%252Bdeb8u1"}],"aliases":["CVE-2016-1405"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4eva-e818-yfgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61698?format=json","vulnerability_id":"VCID-4z4r-2w8m-r7dz","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-20032","reference_id":"","reference_type":"","scores":[{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91577","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91564","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.9156","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91559","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91568","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91566","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91565","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91542","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91544","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07305","scoring_system":"epss","scoring_elements":"0.91644","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07305","scoring_system":"epss","scoring_elements":"0.9165","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07305","scoring_system":"epss","scoring_elements":"0.91658","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07305","scoring_system":"epss","scoring_elements":"0.9167","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07305","scoring_system":"epss","scoring_elements":"0.91677","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-20032"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031509","reference_id":"1031509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031509"},{"reference_url":"https://security.gentoo.org/glsa/202310-01","reference_id":"GLSA-202310-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-01"},{"reference_url":"https://usn.ubuntu.com/5887-1/","reference_id":"USN-5887-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5887-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049767?format=json","purl":"pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1"}],"aliases":["CVE-2023-20032"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4z4r-2w8m-r7dz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47380?format=json","vulnerability_id":"VCID-5hnm-hz17-2bey","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15961","reference_id":"","reference_type":"","scores":[{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84527","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84437","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84456","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.8445","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84446","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84468","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84469","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.8447","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84497","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84506","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.8451","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84373","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84388","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84408","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84411","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84432","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15961"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945265","reference_id":"945265","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945265"},{"reference_url":"https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010","reference_id":"CSCvr56010","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:50Z/"}],"url":"https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010"},{"reference_url":"https://security.gentoo.org/glsa/202003-46","reference_id":"GLSA-202003-46","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:50Z/"}],"url":"https://security.gentoo.org/glsa/202003-46"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html","reference_id":"msg00016.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:50Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=12380","reference_id":"show_bug.cgi?id=12380","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:50Z/"}],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=12380"},{"reference_url":"https://usn.ubuntu.com/4230-1/","reference_id":"USN-4230-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4230-1/"},{"reference_url":"https://usn.ubuntu.com/4230-2/","reference_id":"USN-4230-2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:50Z/"}],"url":"https://usn.ubuntu.com/4230-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-15961"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5hnm-hz17-2bey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96514?format=json","vulnerability_id":"VCID-63vt-1nc8-6kfc","summary":"A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service (DoS) condition, or execute arbitrary code on an affected device.\r \r This vulnerability exists because memory buffers are allocated incorrectly when PDF files are processed. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to trigger a buffer overflow, likely resulting in the termination of the ClamAV scanning process and a DoS condition on the affected software. Although unproven, there is also a possibility that an attacker could leverage the buffer overflow to execute arbitrary code with the privileges of the ClamAV process.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-20260","reference_id":"","reference_type":"","scores":[{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72859","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.7286","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72811","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72867","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72883","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72831","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72807","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72845","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.81038","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.80983","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.81004","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.81014","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.81024","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.80981","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-20260"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20260","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20260"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108046","reference_id":"1108046","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108046"},{"reference_url":"https://security.archlinux.org/AVG-2903","reference_id":"AVG-2903","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2903"},{"reference_url":"https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html","reference_id":"clamav-143-and-109-security-patch.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-18T17:49:35Z/"}],"url":"https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html"},{"reference_url":"https://usn.ubuntu.com/7615-1/","reference_id":"USN-7615-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7615-1/"},{"reference_url":"https://usn.ubuntu.com/7615-2/","reference_id":"USN-7615-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7615-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050980?format=json","purl":"pkg:deb/debian/clamav@1.4.3%2Bdfsg-1~deb12u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@1.4.3%252Bdfsg-1~deb12u2"}],"aliases":["CVE-2025-20260"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-63vt-1nc8-6kfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48550?format=json","vulnerability_id":"VCID-7dcd-v8q9-b3bv","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15378","reference_id":"","reference_type":"","scores":[{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81945","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81854","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81849","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81886","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81888","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81911","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81921","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81926","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81783","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81794","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81817","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81814","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.8184","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81847","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81866","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15378"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://secuniaresearch.flexerasoftware.com/advisories/83000/","reference_id":"83000","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T18:47:40Z/"}],"url":"https://secuniaresearch.flexerasoftware.com/advisories/83000/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910430","reference_id":"910430","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910430"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T18:47:40Z/"}],"url":"https://security.gentoo.org/glsa/201904-12"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/10/msg00014.html","reference_id":"msg00014.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T18:47:40Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/10/msg00014.html"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=12170","reference_id":"show_bug.cgi?id=12170","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T18:47:40Z/"}],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=12170"},{"reference_url":"https://www.flexera.com/company/secunia-research/advisories/SR-2018-23.html","reference_id":"SR-2018-23.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T18:47:40Z/"}],"url":"https://www.flexera.com/company/secunia-research/advisories/SR-2018-23.html"},{"reference_url":"https://usn.ubuntu.com/3789-1/","reference_id":"USN-3789-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T18:47:40Z/"}],"url":"https://usn.ubuntu.com/3789-1/"},{"reference_url":"https://usn.ubuntu.com/3789-2/","reference_id":"USN-3789-2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T18:47:40Z/"}],"url":"https://usn.ubuntu.com/3789-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2018-15378"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7dcd-v8q9-b3bv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48553?format=json","vulnerability_id":"VCID-8s2g-2brb-tfhq","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1786","reference_id":"","reference_type":"","scores":[{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.8806","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88002","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88009","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.8802","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88013","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88027","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88025","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88026","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88042","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88048","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.87954","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.87964","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.87978","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.87982","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1786"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:57Z/"}],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:57Z/"}],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1786"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.101.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.101.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.101.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.101.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.101.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.101.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1786","reference_id":"CVE-2019-1786","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1786"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:57Z/"}],"url":"https://security.gentoo.org/glsa/201904-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-1786"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8s2g-2brb-tfhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92861?format=json","vulnerability_id":"VCID-8y9g-m17c-kyey","summary":"ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted mew packer executable.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1371","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.6664","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66521","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.6656","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66585","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66557","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66605","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66618","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66636","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66624","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66591","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66627","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66642","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66626","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66652","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66666","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66665","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1371"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1371","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1371"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://usn.ubuntu.com/3093-1/","reference_id":"USN-3093-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3093-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049764?format=json","purl":"pkg:deb/debian/clamav@0.100.0%2Bdfsg-0%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.100.0%252Bdfsg-0%252Bdeb8u1"}],"aliases":["CVE-2016-1371"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8y9g-m17c-kyey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48556?format=json","vulnerability_id":"VCID-a4nz-5cr8-13an","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1789","reference_id":"","reference_type":"","scores":[{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69419","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69399","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.6943","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69437","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69442","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.6928","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69293","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.6931","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.6929","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.6934","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69357","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69379","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69363","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.6935","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69388","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1789"},{"reference_url":"https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:22:31Z/"}],"url":"https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1789","reference_id":"CVE-2019-1789","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1789"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201904-12"},{"reference_url":"https://usn.ubuntu.com/3940-1/","reference_id":"USN-3940-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3940-1/"},{"reference_url":"https://usn.ubuntu.com/3940-2/","reference_id":"USN-3940-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3940-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-1789"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a4nz-5cr8-13an"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36556?format=json","vulnerability_id":"VCID-aagg-bbac-rfez","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6420","reference_id":"","reference_type":"","scores":[{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52001","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52093","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52055","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52003","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52051","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52078","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52043","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52097","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52094","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52146","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52129","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52114","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52154","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52158","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.5214","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00286","scoring_system":"epss","scoring_elements":"0.52087","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6420"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6420","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6420"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-201802-1","reference_id":"ASA-201802-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201802-1"},{"reference_url":"https://security.archlinux.org/AVG-601","reference_id":"AVG-601","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-601"},{"reference_url":"https://security.gentoo.org/glsa/201804-16","reference_id":"GLSA-201804-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-16"},{"reference_url":"https://usn.ubuntu.com/3393-1/","reference_id":"USN-3393-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3393-1/"},{"reference_url":"https://usn.ubuntu.com/3393-2/","reference_id":"USN-3393-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3393-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049764?format=json","purl":"pkg:deb/debian/clamav@0.100.0%2Bdfsg-0%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.100.0%252Bdfsg-0%252Bdeb8u1"}],"aliases":["CVE-2017-6420"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aagg-bbac-rfez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36557?format=json","vulnerability_id":"VCID-avvd-1gv9-eyb9","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0202","reference_id":"","reference_type":"","scores":[{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.8443","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84344","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84366","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84367","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.8437","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84396","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84405","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.8441","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84276","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84289","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84309","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.8431","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84332","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84337","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84356","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84348","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0202"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0202","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0202"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-201803-14","reference_id":"ASA-201803-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-14"},{"reference_url":"https://security.archlinux.org/AVG-602","reference_id":"AVG-602","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-602"},{"reference_url":"https://security.gentoo.org/glsa/201804-16","reference_id":"GLSA-201804-16","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T18:54:26Z/"}],"url":"https://security.gentoo.org/glsa/201804-16"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/03/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T18:54:26Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/03/msg00011.html"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=11973","reference_id":"show_bug.cgi?id=11973","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T18:54:26Z/"}],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=11973"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=11980","reference_id":"show_bug.cgi?id=11980","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T18:54:26Z/"}],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=11980"},{"reference_url":"https://usn.ubuntu.com/3592-1/","reference_id":"USN-3592-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T18:54:26Z/"}],"url":"https://usn.ubuntu.com/3592-1/"},{"reference_url":"https://usn.ubuntu.com/3592-2/","reference_id":"USN-3592-2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T18:54:26Z/"}],"url":"https://usn.ubuntu.com/3592-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049764?format=json","purl":"pkg:deb/debian/clamav@0.100.0%2Bdfsg-0%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.100.0%252Bdfsg-0%252Bdeb8u1"}],"aliases":["CVE-2018-0202"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-avvd-1gv9-eyb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43029?format=json","vulnerability_id":"VCID-cc9p-w184-zfej","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3327","reference_id":"","reference_type":"","scores":[{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91822","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.9183","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91836","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91845","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91857","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91863","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91866","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91867","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91862","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91882","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91878","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91876","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.9188","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91889","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3327"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/","reference_id":"3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/"},{"reference_url":"https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html","reference_id":"clamav-01023-security-patch-released.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html"},{"reference_url":"https://security.gentoo.org/glsa/202007-23","reference_id":"GLSA-202007-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://security.gentoo.org/glsa/202007-23"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/","reference_id":"IJ67VH37NCG25PICGWFWZHSVG7PBT7MC","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS/","reference_id":"L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/","reference_id":"QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK/","reference_id":"ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK/"},{"reference_url":"https://usn.ubuntu.com/4370-1/","reference_id":"USN-4370-1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://usn.ubuntu.com/4370-1/"},{"reference_url":"https://usn.ubuntu.com/4370-2/","reference_id":"USN-4370-2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://usn.ubuntu.com/4370-2/"},{"reference_url":"https://usn.ubuntu.com/4435-1/","reference_id":"USN-4435-1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://usn.ubuntu.com/4435-1/"},{"reference_url":"https://usn.ubuntu.com/4435-2/","reference_id":"USN-4435-2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://usn.ubuntu.com/4435-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2020-3327"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cc9p-w184-zfej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94601?format=json","vulnerability_id":"VCID-cysq-fdzg-13dd","summary":"ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name processing through the ClamBC bytecode interpreter that allows attackers to manipulate bytecode function names. Attackers can exploit the weak input validation in function name encoding to potentially execute malicious bytecode or cause unexpected behavior in the ClamAV engine.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-37167","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00411","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00418","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00415","published_at":"2026-04-01T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00401","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00397","published_at":"2026-04-16T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00402","published_at":"2026-04-13T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00404","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00408","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00407","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00481","published_at":"2026-05-05T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0048","published_at":"2026-04-21T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00479","published_at":"2026-04-26T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00478","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-37167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-37167","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-37167"},{"reference_url":"https://www.exploit-db.com/exploits/47687","reference_id":"47687","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T17:08:35Z/"}],"url":"https://www.exploit-db.com/exploits/47687"},{"reference_url":"https://github.com/Cisco-Talos/clamav/commit/cd2f2975b93277de7f74464d48adb378375a305f","reference_id":"cd2f2975b93277de7f74464d48adb378375a305f","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T17:08:35Z/"}],"url":"https://github.com/Cisco-Talos/clamav/commit/cd2f2975b93277de7f74464d48adb378375a305f"},{"reference_url":"https://www.vulncheck.com/advisories/clamav-clambc-clambc-executable-regular-expression-error","reference_id":"clamav-clambc-clambc-executable-regular-expression-error","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T17:08:35Z/"}],"url":"https://www.vulncheck.com/advisories/clamav-clambc-clambc-executable-regular-expression-error"},{"reference_url":"https://www.clamav.net/","reference_id":"www.clamav.net","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T17:08:35Z/"}],"url":"https://www.clamav.net/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2020-37167"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cysq-fdzg-13dd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61699?format=json","vulnerability_id":"VCID-d3u3-epeb-guh9","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-20052","reference_id":"","reference_type":"","scores":[{"value":"0.03563","scoring_system":"epss","scoring_elements":"0.87702","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03563","scoring_system":"epss","scoring_elements":"0.87708","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04582","scoring_system":"epss","scoring_elements":"0.89263","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04582","scoring_system":"epss","scoring_elements":"0.89255","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05699","scoring_system":"epss","scoring_elements":"0.9042","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05699","scoring_system":"epss","scoring_elements":"0.90429","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05699","scoring_system":"epss","scoring_elements":"0.90427","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05699","scoring_system":"epss","scoring_elements":"0.9044","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05699","scoring_system":"epss","scoring_elements":"0.90439","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05699","scoring_system":"epss","scoring_elements":"0.90421","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05699","scoring_system":"epss","scoring_elements":"0.90413","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06327","scoring_system":"epss","scoring_elements":"0.90953","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06327","scoring_system":"epss","scoring_elements":"0.90942","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06327","scoring_system":"epss","scoring_elements":"0.90933","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-20052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031509","reference_id":"1031509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031509"},{"reference_url":"https://security.gentoo.org/glsa/202310-01","reference_id":"GLSA-202310-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-01"},{"reference_url":"https://usn.ubuntu.com/5887-1/","reference_id":"USN-5887-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5887-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049767?format=json","purl":"pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1"}],"aliases":["CVE-2023-20052"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d3u3-epeb-guh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/32130?format=json","vulnerability_id":"VCID-dfvv-cqbj-mubr","summary":"Multiple vulnerabilities have been found in ClamAV, possibly\n    resulting in Denial of Service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2222","reference_id":"","reference_type":"","scores":[{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73429","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73437","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.7346","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73432","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73469","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73483","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73507","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73487","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73479","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73521","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73531","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73524","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73558","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73569","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73567","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.7356","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2222"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2222","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2222"},{"reference_url":"https://security.gentoo.org/glsa/201512-08","reference_id":"GLSA-201512-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201512-08"},{"reference_url":"https://usn.ubuntu.com/2594-1/","reference_id":"USN-2594-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2594-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049762?format=json","purl":"pkg:deb/debian/clamav@0.99%2Bdfsg-0%2Bdeb6u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-3uwh-y2m1-nugc"},{"vulnerability":"VCID-4eva-e818-yfgq"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-8y9g-m17c-kyey"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-aagg-bbac-rfez"},{"vulnerability":"VCID-avvd-1gv9-eyb9"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-guz8-mfzu-uuc9"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-j2gt-uvam-hufk"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-ntvt-zdsj-1fgt"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-qwwa-mf8k-2fdc"},{"vulnerability":"VCID-seed-bera-73ez"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-u4qp-vcnh-c3dd"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-vqyc-hxfb-ufav"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-y3k7-e14w-xqbn"},{"vulnerability":"VCID-y5mg-rpf8-cbe7"},{"vulnerability":"VCID-zbkr-bd4m-77cs"},{"vulnerability":"VCID-zeub-1qhs-pyfh"},{"vulnerability":"VCID-zys1-2pnp-h3an"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.99%252Bdfsg-0%252Bdeb6u1"}],"aliases":["CVE-2015-2222"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dfvv-cqbj-mubr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61694?format=json","vulnerability_id":"VCID-dn26-zfsc-ryec","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20785","reference_id":"","reference_type":"","scores":[{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77224","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77165","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77146","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77179","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77188","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77215","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77194","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77191","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77231","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77232","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77135","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77284","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77278","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77263","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77258","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20785"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/","reference_id":"7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:30Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"},{"reference_url":"https://security.archlinux.org/AVG-2722","reference_id":"AVG-2722","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2722"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/","reference_id":"BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:30Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-html-XAuOK8mR","reference_id":"cisco-sa-clamav-html-XAuOK8mR","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:30Z/"}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-html-XAuOK8mR"},{"reference_url":"https://security.gentoo.org/glsa/202310-01","reference_id":"GLSA-202310-01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:30Z/"}],"url":"https://security.gentoo.org/glsa/202310-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html","reference_id":"msg00004.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:30Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/","reference_id":"N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:30Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"},{"reference_url":"https://usn.ubuntu.com/5423-1/","reference_id":"USN-5423-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-1/"},{"reference_url":"https://usn.ubuntu.com/5423-2/","reference_id":"USN-5423-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049767?format=json","purl":"pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1"}],"aliases":["CVE-2022-20785"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dn26-zfsc-ryec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94647?format=json","vulnerability_id":"VCID-egd5-p68y-wfdy","summary":"A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that may result in a heap buffer over-read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-1404","reference_id":"","reference_type":"","scores":[{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63588","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63608","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63621","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63615","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63475","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63534","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63562","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63527","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63579","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63596","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63611","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63598","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63607","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.6359","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-1404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1404"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986622","reference_id":"986622","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986622"},{"reference_url":"https://security.archlinux.org/AVG-1787","reference_id":"AVG-1787","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1787"},{"reference_url":"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html","reference_id":"clamav-01032-security-patch-release.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-08T20:02:31Z/"}],"url":"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"},{"reference_url":"https://usn.ubuntu.com/4918-1/","reference_id":"USN-4918-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4918-1/"},{"reference_url":"https://usn.ubuntu.com/4918-2/","reference_id":"USN-4918-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4918-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2021-1404"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-egd5-p68y-wfdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61692?format=json","vulnerability_id":"VCID-fp31-7krz-abbs","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20770","reference_id":"","reference_type":"","scores":[{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75079","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75134","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75125","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75121","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75117","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75076","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75055","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75044","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75081","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75089","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00885","scoring_system":"epss","scoring_elements":"0.75372","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00885","scoring_system":"epss","scoring_elements":"0.75427","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00885","scoring_system":"epss","scoring_elements":"0.75384","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00885","scoring_system":"epss","scoring_elements":"0.75405","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00885","scoring_system":"epss","scoring_elements":"0.75436","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20770"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20770","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20770"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/","reference_id":"7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"},{"reference_url":"https://security.archlinux.org/AVG-2722","reference_id":"AVG-2722","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2722"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/","reference_id":"BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-prVGcHLd","reference_id":"cisco-sa-clamav-dos-prVGcHLd","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:32Z/"}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-prVGcHLd"},{"reference_url":"https://security.gentoo.org/glsa/202310-01","reference_id":"GLSA-202310-01","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:32Z/"}],"url":"https://security.gentoo.org/glsa/202310-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html","reference_id":"msg00004.html","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:32Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/","reference_id":"N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"},{"reference_url":"https://usn.ubuntu.com/5423-1/","reference_id":"USN-5423-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-1/"},{"reference_url":"https://usn.ubuntu.com/5423-2/","reference_id":"USN-5423-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049767?format=json","purl":"pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1"}],"aliases":["CVE-2022-20770"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fp31-7krz-abbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/32131?format=json","vulnerability_id":"VCID-gg41-q6x3-bbbw","summary":"Multiple vulnerabilities have been found in ClamAV, possibly\n    resulting in Denial of Service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2668","reference_id":"","reference_type":"","scores":[{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73429","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73437","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.7346","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73432","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73469","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73483","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73507","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73487","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73479","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73521","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73531","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73524","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73558","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73569","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73567","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.7356","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2668"},{"reference_url":"https://security.gentoo.org/glsa/201512-08","reference_id":"GLSA-201512-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201512-08"},{"reference_url":"https://usn.ubuntu.com/2594-1/","reference_id":"USN-2594-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2594-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049762?format=json","purl":"pkg:deb/debian/clamav@0.99%2Bdfsg-0%2Bdeb6u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-3uwh-y2m1-nugc"},{"vulnerability":"VCID-4eva-e818-yfgq"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-8y9g-m17c-kyey"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-aagg-bbac-rfez"},{"vulnerability":"VCID-avvd-1gv9-eyb9"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-guz8-mfzu-uuc9"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-j2gt-uvam-hufk"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-ntvt-zdsj-1fgt"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-qwwa-mf8k-2fdc"},{"vulnerability":"VCID-seed-bera-73ez"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-u4qp-vcnh-c3dd"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-vqyc-hxfb-ufav"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-y3k7-e14w-xqbn"},{"vulnerability":"VCID-y5mg-rpf8-cbe7"},{"vulnerability":"VCID-zbkr-bd4m-77cs"},{"vulnerability":"VCID-zeub-1qhs-pyfh"},{"vulnerability":"VCID-zys1-2pnp-h3an"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.99%252Bdfsg-0%252Bdeb6u1"}],"aliases":["CVE-2015-2668"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gg41-q6x3-bbbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51466?format=json","vulnerability_id":"VCID-ggz7-h35v-p7ep","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could lead to arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20505","reference_id":"","reference_type":"","scores":[{"value":"0.00803","scoring_system":"epss","scoring_elements":"0.74059","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00803","scoring_system":"epss","scoring_elements":"0.74107","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00803","scoring_system":"epss","scoring_elements":"0.74092","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00803","scoring_system":"epss","scoring_elements":"0.74062","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00803","scoring_system":"epss","scoring_elements":"0.74088","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75616","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75596","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75601","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75605","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75554","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75532","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75523","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75566","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75571","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75558","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20505"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080962","reference_id":"1080962","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080962"},{"reference_url":"https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html","reference_id":"clamav-141-132-107-and-010312-security.html","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T13:35:13Z/"}],"url":"https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html"},{"reference_url":"https://security.gentoo.org/glsa/202507-03","reference_id":"GLSA-202507-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-03"},{"reference_url":"https://usn.ubuntu.com/7011-1/","reference_id":"USN-7011-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7011-1/"},{"reference_url":"https://usn.ubuntu.com/7011-2/","reference_id":"USN-7011-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7011-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050980?format=json","purl":"pkg:deb/debian/clamav@1.4.3%2Bdfsg-1~deb12u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@1.4.3%252Bdfsg-1~deb12u2"}],"aliases":["CVE-2024-20505"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ggz7-h35v-p7ep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36555?format=json","vulnerability_id":"VCID-guz8-mfzu-uuc9","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6419.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6419.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6419","reference_id":"","reference_type":"","scores":[{"value":"0.02123","scoring_system":"epss","scoring_elements":"0.84079","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02123","scoring_system":"epss","scoring_elements":"0.8414","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02123","scoring_system":"epss","scoring_elements":"0.84092","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02123","scoring_system":"epss","scoring_elements":"0.8411","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02123","scoring_system":"epss","scoring_elements":"0.84111","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02123","scoring_system":"epss","scoring_elements":"0.84134","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02123","scoring_system":"epss","scoring_elements":"0.84158","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02123","scoring_system":"epss","scoring_elements":"0.84152","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02272","scoring_system":"epss","scoring_elements":"0.84713","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02272","scoring_system":"epss","scoring_elements":"0.84714","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02272","scoring_system":"epss","scoring_elements":"0.84728","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02272","scoring_system":"epss","scoring_elements":"0.84676","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02272","scoring_system":"epss","scoring_elements":"0.84677","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02272","scoring_system":"epss","scoring_elements":"0.84704","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02462","scoring_system":"epss","scoring_elements":"0.85246","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02462","scoring_system":"epss","scoring_elements":"0.85266","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6419"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11423","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11423"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6419","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6419"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1483909","reference_id":"1483909","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1483909"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871263","reference_id":"871263","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871263"},{"reference_url":"https://security.archlinux.org/ASA-201802-9","reference_id":"ASA-201802-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201802-9"},{"reference_url":"https://security.archlinux.org/ASA-201803-14","reference_id":"ASA-201803-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-14"},{"reference_url":"https://security.archlinux.org/AVG-602","reference_id":"AVG-602","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-602"},{"reference_url":"https://security.archlinux.org/AVG-603","reference_id":"AVG-603","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-603"},{"reference_url":"https://security.gentoo.org/glsa/201804-16","reference_id":"GLSA-201804-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-16"},{"reference_url":"https://usn.ubuntu.com/3393-1/","reference_id":"USN-3393-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3393-1/"},{"reference_url":"https://usn.ubuntu.com/3393-2/","reference_id":"USN-3393-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3393-2/"},{"reference_url":"https://usn.ubuntu.com/3394-1/","reference_id":"USN-3394-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3394-1/"},{"reference_url":"https://usn.ubuntu.com/7788-1/","reference_id":"USN-7788-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7788-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049764?format=json","purl":"pkg:deb/debian/clamav@0.100.0%2Bdfsg-0%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.100.0%252Bdfsg-0%252Bdeb8u1"}],"aliases":["CVE-2017-6419"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-guz8-mfzu-uuc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48547?format=json","vulnerability_id":"VCID-h46v-x33x-t3ep","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0360","reference_id":"","reference_type":"","scores":[{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.7911","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79046","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.7903","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.7902","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79048","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79045","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79044","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79077","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79083","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79098","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.78974","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.78981","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79006","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.78991","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79015","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79022","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0360"},{"reference_url":"https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:29Z/"}],"url":"https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0360"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"},{"reference_url":"https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:29Z/"}],"url":"https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/"},{"reference_url":"http://www.securitytracker.com/id/1041367","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:29Z/"}],"url":"http://www.securitytracker.com/id/1041367"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0360","reference_id":"CVE-2018-0360","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0360"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:29Z/"}],"url":"https://security.gentoo.org/glsa/201904-12"},{"reference_url":"https://usn.ubuntu.com/3722-1/","reference_id":"USN-3722-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:29Z/"}],"url":"https://usn.ubuntu.com/3722-1/"},{"reference_url":"https://usn.ubuntu.com/3722-2/","reference_id":"USN-3722-2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:29Z/"}],"url":"https://usn.ubuntu.com/3722-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2018-0360"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h46v-x33x-t3ep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42660?format=json","vulnerability_id":"VCID-j2gt-uvam-hufk","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12377","reference_id":"","reference_type":"","scores":[{"value":"0.21357","scoring_system":"epss","scoring_elements":"0.95722","published_at":"2026-05-05T12:55:00Z"},{"value":"0.21357","scoring_system":"epss","scoring_elements":"0.95701","published_at":"2026-04-16T12:55:00Z"},{"value":"0.21357","scoring_system":"epss","scoring_elements":"0.95705","published_at":"2026-04-18T12:55:00Z"},{"value":"0.21357","scoring_system":"epss","scoring_elements":"0.95706","published_at":"2026-04-21T12:55:00Z"},{"value":"0.21357","scoring_system":"epss","scoring_elements":"0.95708","published_at":"2026-04-26T12:55:00Z"},{"value":"0.21357","scoring_system":"epss","scoring_elements":"0.95707","published_at":"2026-04-29T12:55:00Z"},{"value":"0.21357","scoring_system":"epss","scoring_elements":"0.95659","published_at":"2026-04-01T12:55:00Z"},{"value":"0.21357","scoring_system":"epss","scoring_elements":"0.95667","published_at":"2026-04-02T12:55:00Z"},{"value":"0.21357","scoring_system":"epss","scoring_elements":"0.95673","published_at":"2026-04-04T12:55:00Z"},{"value":"0.21357","scoring_system":"epss","scoring_elements":"0.95676","published_at":"2026-04-07T12:55:00Z"},{"value":"0.21357","scoring_system":"epss","scoring_elements":"0.95684","published_at":"2026-04-08T12:55:00Z"},{"value":"0.21357","scoring_system":"epss","scoring_elements":"0.95688","published_at":"2026-04-09T12:55:00Z"},{"value":"0.21357","scoring_system":"epss","scoring_elements":"0.95692","published_at":"2026-04-11T12:55:00Z"},{"value":"0.21357","scoring_system":"epss","scoring_elements":"0.95691","published_at":"2026-04-12T12:55:00Z"},{"value":"0.21357","scoring_system":"epss","scoring_elements":"0.95693","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12377"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12377","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12377"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888484","reference_id":"888484","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888484"},{"reference_url":"https://security.archlinux.org/ASA-201802-1","reference_id":"ASA-201802-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201802-1"},{"reference_url":"https://security.archlinux.org/AVG-601","reference_id":"AVG-601","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-601"},{"reference_url":"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html","reference_id":"clamav-0993-has-been-released.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-02T19:24:17Z/"}],"url":"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"},{"reference_url":"https://security.gentoo.org/glsa/201801-19","reference_id":"GLSA-201801-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-19"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html","reference_id":"msg00035.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-02T19:24:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=11943","reference_id":"show_bug.cgi?id=11943","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-02T19:24:17Z/"}],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=11943"},{"reference_url":"https://usn.ubuntu.com/3550-1/","reference_id":"USN-3550-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-02T19:24:17Z/"}],"url":"https://usn.ubuntu.com/3550-1/"},{"reference_url":"https://usn.ubuntu.com/3550-2/","reference_id":"USN-3550-2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-02T19:24:17Z/"}],"url":"https://usn.ubuntu.com/3550-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049764?format=json","purl":"pkg:deb/debian/clamav@0.100.0%2Bdfsg-0%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.100.0%252Bdfsg-0%252Bdeb8u1"}],"aliases":["CVE-2017-12377"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j2gt-uvam-hufk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61695?format=json","vulnerability_id":"VCID-kurn-1uay-qqap","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20792","reference_id":"","reference_type":"","scores":[{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33421","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34059","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34047","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34012","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33642","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33622","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33538","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34126","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34157","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34018","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34061","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34092","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.3409","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34048","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34024","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20792"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/AVG-2722","reference_id":"AVG-2722","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2722"},{"reference_url":"https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html","reference_id":"clamav-01050-01043-01036-released.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-01T18:42:21Z/"}],"url":"https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html"},{"reference_url":"https://security.gentoo.org/glsa/202310-01","reference_id":"GLSA-202310-01","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-01T18:42:21Z/"}],"url":"https://security.gentoo.org/glsa/202310-01"},{"reference_url":"https://usn.ubuntu.com/5423-1/","reference_id":"USN-5423-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-1/"},{"reference_url":"https://usn.ubuntu.com/5423-2/","reference_id":"USN-5423-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049767?format=json","purl":"pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1"}],"aliases":["CVE-2022-20792"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kurn-1uay-qqap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51462?format=json","vulnerability_id":"VCID-mdfk-5ked-t3bu","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could lead to arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-20197","reference_id":"","reference_type":"","scores":[{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63149","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63082","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63111","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63076","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63128","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63146","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63163","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63148","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63125","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.6316","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63167","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.6317","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63184","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63183","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-20197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20197"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050057","reference_id":"1050057","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050057"},{"reference_url":"https://security.gentoo.org/glsa/202507-03","reference_id":"GLSA-202507-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-03"},{"reference_url":"https://usn.ubuntu.com/6303-1/","reference_id":"USN-6303-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6303-1/"},{"reference_url":"https://usn.ubuntu.com/6303-2/","reference_id":"USN-6303-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6303-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049767?format=json","purl":"pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1"}],"aliases":["CVE-2023-20197"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mdfk-5ked-t3bu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61691?format=json","vulnerability_id":"VCID-mu6w-nub4-z3ef","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20698","reference_id":"","reference_type":"","scores":[{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.4742","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47528","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47614","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47607","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47558","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47557","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47504","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47549","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47497","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47552","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47548","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47572","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47556","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20698"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html","reference_id":"clamav-01035-and-01042-security-patch.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:57Z/"}],"url":"https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html"},{"reference_url":"https://security.gentoo.org/glsa/202310-01","reference_id":"GLSA-202310-01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:57Z/"}],"url":"https://security.gentoo.org/glsa/202310-01"},{"reference_url":"https://usn.ubuntu.com/5233-1/","reference_id":"USN-5233-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5233-1/"},{"reference_url":"https://usn.ubuntu.com/5233-2/","reference_id":"USN-5233-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5233-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2022-20698"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mu6w-nub4-z3ef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48551?format=json","vulnerability_id":"VCID-mufb-kvfq-mubz","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1785","reference_id":"","reference_type":"","scores":[{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53515","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53613","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53596","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53633","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53638","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53621","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53584","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53561","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53517","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.5354","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53566","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53535","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53585","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53581","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53631","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1785"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=12284","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T17:21:23Z/"}],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=12284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1785"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.101.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.101.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.101.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.101.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.101.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.101.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1785","reference_id":"CVE-2019-1785","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1785"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T17:21:23Z/"}],"url":"https://security.gentoo.org/glsa/201904-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-1785"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mufb-kvfq-mubz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72794?format=json","vulnerability_id":"VCID-n51n-m2r7-kbdy","summary":"bzip2: bzip2: Data integrity error when decompressing (with data integrity tests fail).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12900.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12900.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12900","reference_id":"","reference_type":"","scores":[{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78239","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78129","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78111","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78137","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78143","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78168","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.7815","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78146","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.7818","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78179","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78174","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78206","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78211","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78226","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01132","scoring_system":"epss","scoring_elements":"0.78283","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01132","scoring_system":"epss","scoring_elements":"0.7829","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2332075","reference_id":"2332075","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2332075"},{"reference_url":"https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc","reference_id":"74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930886","reference_id":"930886","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930886"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934359","reference_id":"934359","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934359"},{"reference_url":"https://support.f5.com/csp/article/K68713584?utm_source=f5support&amp%3Butm_medium=RSS","reference_id":"K68713584?utm_source=f5support&amp%3Butm_medium=RSS","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://support.f5.com/csp/article/K68713584?utm_source=f5support&amp%3Butm_medium=RSS"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html","reference_id":"msg00012.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html","reference_id":"msg00014.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html","reference_id":"msg00040.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html","reference_id":"msg00050.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html"},{"reference_url":"https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774%40%3Cuser.flink.apache.org%3E","reference_id":"rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774%40%3Cuser.flink.apache.org%3E","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774%40%3Cuser.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4%40%3Cuser.flink.apache.org%3E","reference_id":"rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4%40%3Cuser.flink.apache.org%3E","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4%40%3Cuser.flink.apache.org%3E"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10803","reference_id":"RHSA-2024:10803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8922","reference_id":"RHSA-2024:8922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0733","reference_id":"RHSA-2025:0733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0925","reference_id":"RHSA-2025:0925","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0925"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1154","reference_id":"RHSA-2025:1154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1154"},{"reference_url":"https://usn.ubuntu.com/4038-1/","reference_id":"USN-4038-1","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://usn.ubuntu.com/4038-1/"},{"reference_url":"https://usn.ubuntu.com/4038-2/","reference_id":"USN-4038-2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://usn.ubuntu.com/4038-2/"},{"reference_url":"https://usn.ubuntu.com/4146-1/","reference_id":"USN-4146-1","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://usn.ubuntu.com/4146-1/"},{"reference_url":"https://usn.ubuntu.com/4146-2/","reference_id":"USN-4146-2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://usn.ubuntu.com/4146-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-12900"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n51n-m2r7-kbdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40170?format=json","vulnerability_id":"VCID-new8-u5x9-nkeb","summary":"A vulnerability in ClamAV could lead to a Denial of Service\n    condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-1405","reference_id":"","reference_type":"","scores":[{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81156","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81068","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81106","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81108","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81105","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81129","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81136","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81143","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81005","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81014","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81037","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81064","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81071","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81089","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81075","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-1405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1405"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986622","reference_id":"986622","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986622"},{"reference_url":"https://security.archlinux.org/AVG-1787","reference_id":"AVG-1787","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1787"},{"reference_url":"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html","reference_id":"clamav-01032-security-patch-release.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-08T20:02:34Z/"}],"url":"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"},{"reference_url":"https://security.gentoo.org/glsa/202104-07","reference_id":"GLSA-202104-07","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-08T20:02:34Z/"}],"url":"https://security.gentoo.org/glsa/202104-07"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html","reference_id":"msg00012.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-08T20:02:34Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html"},{"reference_url":"https://usn.ubuntu.com/4918-1/","reference_id":"USN-4918-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4918-1/"},{"reference_url":"https://usn.ubuntu.com/4918-2/","reference_id":"USN-4918-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4918-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2021-1405"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-new8-u5x9-nkeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36554?format=json","vulnerability_id":"VCID-ntvt-zdsj-1fgt","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6418","reference_id":"","reference_type":"","scores":[{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59005","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59058","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59045","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.58939","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59015","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59038","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59003","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59054","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.5906","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59079","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59061","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59042","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59077","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59082","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59041","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6418"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6418","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6418"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-201802-1","reference_id":"ASA-201802-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201802-1"},{"reference_url":"https://security.archlinux.org/AVG-601","reference_id":"AVG-601","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-601"},{"reference_url":"https://security.gentoo.org/glsa/201804-16","reference_id":"GLSA-201804-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-16"},{"reference_url":"https://usn.ubuntu.com/3393-1/","reference_id":"USN-3393-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3393-1/"},{"reference_url":"https://usn.ubuntu.com/3393-2/","reference_id":"USN-3393-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3393-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049764?format=json","purl":"pkg:deb/debian/clamav@0.100.0%2Bdfsg-0%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.100.0%252Bdfsg-0%252Bdeb8u1"}],"aliases":["CVE-2017-6418"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ntvt-zdsj-1fgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48548?format=json","vulnerability_id":"VCID-nu3x-4yc8-ufg6","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0361","reference_id":"","reference_type":"","scores":[{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72525","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72488","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72497","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72486","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72528","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72536","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72534","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72399","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72404","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72422","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.724","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72438","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72451","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72474","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72456","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72446","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0361"},{"reference_url":"https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:27Z/"}],"url":"https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0361"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:27Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"},{"reference_url":"http://www.securitytracker.com/id/1041367","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:27Z/"}],"url":"http://www.securitytracker.com/id/1041367"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0361","reference_id":"CVE-2018-0361","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0361"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:27Z/"}],"url":"https://security.gentoo.org/glsa/201904-12"},{"reference_url":"https://usn.ubuntu.com/3722-1/","reference_id":"USN-3722-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3722-1/"},{"reference_url":"https://usn.ubuntu.com/3722-2/","reference_id":"USN-3722-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3722-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2018-0361"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nu3x-4yc8-ufg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48555?format=json","vulnerability_id":"VCID-p5hg-2rdb-z3hq","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:54Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:54Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1788","reference_id":"","reference_type":"","scores":[{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.9282","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92827","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92838","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92841","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92846","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92856","published_at":"2026-04-16T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92857","published_at":"2026-04-18T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92862","published_at":"2026-04-21T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92868","published_at":"2026-04-24T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.9287","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92866","published_at":"2026-04-29T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92875","published_at":"2026-05-05T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.9283","published_at":"2026-04-04T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92829","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1788"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:54Z/"}],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1788"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1788","reference_id":"CVE-2019-1788","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1788"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:54Z/"}],"url":"https://security.gentoo.org/glsa/201904-12"},{"reference_url":"https://usn.ubuntu.com/3940-1/","reference_id":"USN-3940-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3940-1/"},{"reference_url":"https://usn.ubuntu.com/3940-2/","reference_id":"USN-3940-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3940-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-1788"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p5hg-2rdb-z3hq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48557?format=json","vulnerability_id":"VCID-qacw-bby8-9kdg","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1798","reference_id":"","reference_type":"","scores":[{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.8165","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81557","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81594","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81596","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.816","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81621","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.8163","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81634","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81492","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81503","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81525","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81523","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81551","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81556","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81576","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81564","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1798"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=12262","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:52Z/"}],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=12262"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1798"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1798","reference_id":"CVE-2019-1798","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1798"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:52Z/"}],"url":"https://security.gentoo.org/glsa/201904-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-1798"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qacw-bby8-9kdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42661?format=json","vulnerability_id":"VCID-qwwa-mf8k-2fdc","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12378","reference_id":"","reference_type":"","scores":[{"value":"0.07706","scoring_system":"epss","scoring_elements":"0.91947","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07706","scoring_system":"epss","scoring_elements":"0.91941","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07706","scoring_system":"epss","scoring_elements":"0.91938","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07706","scoring_system":"epss","scoring_elements":"0.91935","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07706","scoring_system":"epss","scoring_elements":"0.9194","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07706","scoring_system":"epss","scoring_elements":"0.91939","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07706","scoring_system":"epss","scoring_elements":"0.91882","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07706","scoring_system":"epss","scoring_elements":"0.9189","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07706","scoring_system":"epss","scoring_elements":"0.91898","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07706","scoring_system":"epss","scoring_elements":"0.91905","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07706","scoring_system":"epss","scoring_elements":"0.91917","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07706","scoring_system":"epss","scoring_elements":"0.91923","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07706","scoring_system":"epss","scoring_elements":"0.91926","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07706","scoring_system":"epss","scoring_elements":"0.91925","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07706","scoring_system":"epss","scoring_elements":"0.91922","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12378"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888484","reference_id":"888484","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888484"},{"reference_url":"https://security.archlinux.org/ASA-201802-1","reference_id":"ASA-201802-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201802-1"},{"reference_url":"https://security.archlinux.org/AVG-601","reference_id":"AVG-601","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-601"},{"reference_url":"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html","reference_id":"clamav-0993-has-been-released.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T18:55:32Z/"}],"url":"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"},{"reference_url":"https://security.gentoo.org/glsa/201801-19","reference_id":"GLSA-201801-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-19"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html","reference_id":"msg00035.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T18:55:32Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=11946","reference_id":"show_bug.cgi?id=11946","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T18:55:32Z/"}],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=11946"},{"reference_url":"https://usn.ubuntu.com/3550-1/","reference_id":"USN-3550-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T18:55:32Z/"}],"url":"https://usn.ubuntu.com/3550-1/"},{"reference_url":"https://usn.ubuntu.com/3550-2/","reference_id":"USN-3550-2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-02T18:55:32Z/"}],"url":"https://usn.ubuntu.com/3550-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049764?format=json","purl":"pkg:deb/debian/clamav@0.100.0%2Bdfsg-0%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.100.0%252Bdfsg-0%252Bdeb8u1"}],"aliases":["CVE-2017-12378"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qwwa-mf8k-2fdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42662?format=json","vulnerability_id":"VCID-seed-bera-73ez","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12379","reference_id":"","reference_type":"","scores":[{"value":"0.15693","scoring_system":"epss","scoring_elements":"0.94736","published_at":"2026-05-05T12:55:00Z"},{"value":"0.15693","scoring_system":"epss","scoring_elements":"0.94719","published_at":"2026-04-16T12:55:00Z"},{"value":"0.15693","scoring_system":"epss","scoring_elements":"0.94721","published_at":"2026-04-18T12:55:00Z"},{"value":"0.15693","scoring_system":"epss","scoring_elements":"0.94726","published_at":"2026-04-24T12:55:00Z"},{"value":"0.15693","scoring_system":"epss","scoring_elements":"0.94727","published_at":"2026-04-26T12:55:00Z"},{"value":"0.15693","scoring_system":"epss","scoring_elements":"0.94728","published_at":"2026-04-29T12:55:00Z"},{"value":"0.15693","scoring_system":"epss","scoring_elements":"0.94673","published_at":"2026-04-01T12:55:00Z"},{"value":"0.15693","scoring_system":"epss","scoring_elements":"0.94681","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15693","scoring_system":"epss","scoring_elements":"0.94685","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15693","scoring_system":"epss","scoring_elements":"0.94686","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15693","scoring_system":"epss","scoring_elements":"0.94696","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15693","scoring_system":"epss","scoring_elements":"0.94701","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15693","scoring_system":"epss","scoring_elements":"0.94705","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15693","scoring_system":"epss","scoring_elements":"0.94709","published_at":"2026-04-12T12:55:00Z"},{"value":"0.15693","scoring_system":"epss","scoring_elements":"0.9471","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12379"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12379","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12379"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888484","reference_id":"888484","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888484"},{"reference_url":"https://security.archlinux.org/ASA-201802-1","reference_id":"ASA-201802-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201802-1"},{"reference_url":"https://security.archlinux.org/AVG-601","reference_id":"AVG-601","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-601"},{"reference_url":"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html","reference_id":"clamav-0993-has-been-released.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-02T19:24:16Z/"}],"url":"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"},{"reference_url":"https://security.gentoo.org/glsa/201801-19","reference_id":"GLSA-201801-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-19"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html","reference_id":"msg00035.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-02T19:24:16Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=11944","reference_id":"show_bug.cgi?id=11944","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-02T19:24:16Z/"}],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=11944"},{"reference_url":"https://usn.ubuntu.com/3550-1/","reference_id":"USN-3550-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-02T19:24:16Z/"}],"url":"https://usn.ubuntu.com/3550-1/"},{"reference_url":"https://usn.ubuntu.com/3550-2/","reference_id":"USN-3550-2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-02T19:24:16Z/"}],"url":"https://usn.ubuntu.com/3550-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049764?format=json","purl":"pkg:deb/debian/clamav@0.100.0%2Bdfsg-0%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.100.0%252Bdfsg-0%252Bdeb8u1"}],"aliases":["CVE-2017-12379"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-seed-bera-73ez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61693?format=json","vulnerability_id":"VCID-tzph-y73s-6qb9","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20771","reference_id":"","reference_type":"","scores":[{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76836","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76877","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76887","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76875","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76868","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76824","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76804","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76797","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76839","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76845","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0101","scoring_system":"epss","scoring_elements":"0.77076","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0101","scoring_system":"epss","scoring_elements":"0.77099","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0101","scoring_system":"epss","scoring_elements":"0.77047","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0101","scoring_system":"epss","scoring_elements":"0.77057","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0101","scoring_system":"epss","scoring_elements":"0.77089","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20771"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/","reference_id":"7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:31Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"},{"reference_url":"https://security.archlinux.org/AVG-2722","reference_id":"AVG-2722","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2722"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/","reference_id":"BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:31Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-ZAZBwRVG","reference_id":"cisco-sa-clamav-dos-ZAZBwRVG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:31Z/"}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-ZAZBwRVG"},{"reference_url":"https://security.gentoo.org/glsa/202310-01","reference_id":"GLSA-202310-01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:31Z/"}],"url":"https://security.gentoo.org/glsa/202310-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html","reference_id":"msg00004.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:31Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/","reference_id":"N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:31Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"},{"reference_url":"https://usn.ubuntu.com/5423-1/","reference_id":"USN-5423-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-1/"},{"reference_url":"https://usn.ubuntu.com/5423-2/","reference_id":"USN-5423-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049767?format=json","purl":"pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1"}],"aliases":["CVE-2022-20771"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tzph-y73s-6qb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47381?format=json","vulnerability_id":"VCID-u3pj-kant-effb","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3123","reference_id":"","reference_type":"","scores":[{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85116","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85031","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85038","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85054","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85053","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85049","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.8507","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85072","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85094","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85103","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85101","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.84973","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.84987","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85004","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85009","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3123"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3123","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3123"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950944","reference_id":"950944","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950944"},{"reference_url":"https://security.archlinux.org/AVG-1168","reference_id":"AVG-1168","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1168"},{"reference_url":"https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html","reference_id":"clamav-01022-security-patch-released.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:29Z/"}],"url":"https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html"},{"reference_url":"https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062","reference_id":"CSCvs59062","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:29Z/"}],"url":"https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062"},{"reference_url":"https://security.gentoo.org/glsa/202003-46","reference_id":"GLSA-202003-46","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:29Z/"}],"url":"https://security.gentoo.org/glsa/202003-46"},{"reference_url":"https://usn.ubuntu.com/4280-1/","reference_id":"USN-4280-1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:29Z/"}],"url":"https://usn.ubuntu.com/4280-1/"},{"reference_url":"https://usn.ubuntu.com/4280-2/","reference_id":"USN-4280-2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:29Z/"}],"url":"https://usn.ubuntu.com/4280-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2020-3123"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u3pj-kant-effb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42657?format=json","vulnerability_id":"VCID-u4qp-vcnh-c3dd","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12374","reference_id":"","reference_type":"","scores":[{"value":"0.07329","scoring_system":"epss","scoring_elements":"0.91724","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07329","scoring_system":"epss","scoring_elements":"0.91709","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07329","scoring_system":"epss","scoring_elements":"0.9171","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07329","scoring_system":"epss","scoring_elements":"0.91716","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07329","scoring_system":"epss","scoring_elements":"0.91713","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07329","scoring_system":"epss","scoring_elements":"0.91712","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07329","scoring_system":"epss","scoring_elements":"0.91652","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07329","scoring_system":"epss","scoring_elements":"0.9166","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07329","scoring_system":"epss","scoring_elements":"0.91666","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07329","scoring_system":"epss","scoring_elements":"0.91675","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07329","scoring_system":"epss","scoring_elements":"0.91687","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07329","scoring_system":"epss","scoring_elements":"0.91694","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07329","scoring_system":"epss","scoring_elements":"0.91697","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07329","scoring_system":"epss","scoring_elements":"0.91699","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07329","scoring_system":"epss","scoring_elements":"0.91696","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07329","scoring_system":"epss","scoring_elements":"0.91717","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12374"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12374","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12374"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888484","reference_id":"888484","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888484"},{"reference_url":"https://security.archlinux.org/ASA-201802-1","reference_id":"ASA-201802-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201802-1"},{"reference_url":"https://security.archlinux.org/AVG-601","reference_id":"AVG-601","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-601"},{"reference_url":"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html","reference_id":"clamav-0993-has-been-released.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T19:11:39Z/"}],"url":"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"},{"reference_url":"https://security.gentoo.org/glsa/201801-19","reference_id":"GLSA-201801-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-19"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html","reference_id":"msg00035.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T19:11:39Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=11939","reference_id":"show_bug.cgi?id=11939","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T19:11:39Z/"}],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=11939"},{"reference_url":"https://usn.ubuntu.com/3550-1/","reference_id":"USN-3550-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T19:11:39Z/"}],"url":"https://usn.ubuntu.com/3550-1/"},{"reference_url":"https://usn.ubuntu.com/3550-2/","reference_id":"USN-3550-2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T19:11:39Z/"}],"url":"https://usn.ubuntu.com/3550-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049764?format=json","purl":"pkg:deb/debian/clamav@0.100.0%2Bdfsg-0%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.100.0%252Bdfsg-0%252Bdeb8u1"}],"aliases":["CVE-2017-12374"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u4qp-vcnh-c3dd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58946?format=json","vulnerability_id":"VCID-uzg5-a999-afhp","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2305.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2305.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2305","reference_id":"","reference_type":"","scores":[{"value":"0.28664","scoring_system":"epss","scoring_elements":"0.96506","published_at":"2026-04-01T12:55:00Z"},{"value":"0.28664","scoring_system":"epss","scoring_elements":"0.96515","published_at":"2026-04-02T12:55:00Z"},{"value":"0.28664","scoring_system":"epss","scoring_elements":"0.9652","published_at":"2026-04-04T12:55:00Z"},{"value":"0.28664","scoring_system":"epss","scoring_elements":"0.96524","published_at":"2026-04-07T12:55:00Z"},{"value":"0.28664","scoring_system":"epss","scoring_elements":"0.96532","published_at":"2026-04-08T12:55:00Z"},{"value":"0.28664","scoring_system":"epss","scoring_elements":"0.96534","published_at":"2026-04-09T12:55:00Z"},{"value":"0.28664","scoring_system":"epss","scoring_elements":"0.96537","published_at":"2026-04-12T12:55:00Z"},{"value":"0.28664","scoring_system":"epss","scoring_elements":"0.9654","published_at":"2026-04-13T12:55:00Z"},{"value":"0.28664","scoring_system":"epss","scoring_elements":"0.96546","published_at":"2026-04-16T12:55:00Z"},{"value":"0.28664","scoring_system":"epss","scoring_elements":"0.96552","published_at":"2026-04-18T12:55:00Z"},{"value":"0.28664","scoring_system":"epss","scoring_elements":"0.96555","published_at":"2026-04-26T12:55:00Z"},{"value":"0.28664","scoring_system":"epss","scoring_elements":"0.96556","published_at":"2026-04-24T12:55:00Z"},{"value":"0.32919","scoring_system":"epss","scoring_elements":"0.96909","published_at":"2026-04-29T12:55:00Z"},{"value":"0.32919","scoring_system":"epss","scoring_elements":"0.96913","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9705","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9705"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2305"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1191049","reference_id":"1191049","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1191049"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778397","reference_id":"778397","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778397"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778402","reference_id":"778402","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778402"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778406","reference_id":"778406","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778406"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778408","reference_id":"778408","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778408"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778409","reference_id":"778409","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778409"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778412","reference_id":"778412","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778412"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1053","reference_id":"RHSA-2015:1053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1066","reference_id":"RHSA-2015:1066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1066"},{"reference_url":"https://usn.ubuntu.com/2572-1/","reference_id":"USN-2572-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2572-1/"},{"reference_url":"https://usn.ubuntu.com/2594-1/","reference_id":"USN-2594-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2594-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049762?format=json","purl":"pkg:deb/debian/clamav@0.99%2Bdfsg-0%2Bdeb6u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-3uwh-y2m1-nugc"},{"vulnerability":"VCID-4eva-e818-yfgq"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-8y9g-m17c-kyey"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-aagg-bbac-rfez"},{"vulnerability":"VCID-avvd-1gv9-eyb9"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-guz8-mfzu-uuc9"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-j2gt-uvam-hufk"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-ntvt-zdsj-1fgt"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-qwwa-mf8k-2fdc"},{"vulnerability":"VCID-seed-bera-73ez"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-u4qp-vcnh-c3dd"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-vqyc-hxfb-ufav"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-y3k7-e14w-xqbn"},{"vulnerability":"VCID-y5mg-rpf8-cbe7"},{"vulnerability":"VCID-zbkr-bd4m-77cs"},{"vulnerability":"VCID-zeub-1qhs-pyfh"},{"vulnerability":"VCID-zys1-2pnp-h3an"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.99%252Bdfsg-0%252Bdeb6u1"}],"aliases":["CVE-2015-2305"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uzg5-a999-afhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/32128?format=json","vulnerability_id":"VCID-uzyz-uw16-7ufk","summary":"Multiple vulnerabilities have been found in ClamAV, possibly\n    resulting in Denial of Service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2170","reference_id":"","reference_type":"","scores":[{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73429","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73437","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.7346","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73432","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73469","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73483","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73507","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73487","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73479","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73521","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73531","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73524","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73558","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73569","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.73567","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00768","scoring_system":"epss","scoring_elements":"0.7356","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2170"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2170","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2170"},{"reference_url":"https://security.gentoo.org/glsa/201512-08","reference_id":"GLSA-201512-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201512-08"},{"reference_url":"https://usn.ubuntu.com/2594-1/","reference_id":"USN-2594-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2594-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049762?format=json","purl":"pkg:deb/debian/clamav@0.99%2Bdfsg-0%2Bdeb6u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-3uwh-y2m1-nugc"},{"vulnerability":"VCID-4eva-e818-yfgq"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-8y9g-m17c-kyey"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-aagg-bbac-rfez"},{"vulnerability":"VCID-avvd-1gv9-eyb9"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-guz8-mfzu-uuc9"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-j2gt-uvam-hufk"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-ntvt-zdsj-1fgt"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-qwwa-mf8k-2fdc"},{"vulnerability":"VCID-seed-bera-73ez"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-u4qp-vcnh-c3dd"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-vqyc-hxfb-ufav"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-y3k7-e14w-xqbn"},{"vulnerability":"VCID-y5mg-rpf8-cbe7"},{"vulnerability":"VCID-zbkr-bd4m-77cs"},{"vulnerability":"VCID-zeub-1qhs-pyfh"},{"vulnerability":"VCID-zys1-2pnp-h3an"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.99%252Bdfsg-0%252Bdeb6u1"}],"aliases":["CVE-2015-2170"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uzyz-uw16-7ufk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94570?format=json","vulnerability_id":"VCID-vbmy-urt6-myha","summary":"A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3341","reference_id":"","reference_type":"","scores":[{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88522","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.8853","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88547","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88551","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88569","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88574","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88586","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88578","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88579","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88592","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88588","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88602","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88608","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88606","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88618","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/","reference_id":"3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/"},{"reference_url":"https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html","reference_id":"clamav-01023-security-patch-released.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:21Z/"}],"url":"https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS/","reference_id":"L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK/","reference_id":"ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK/"},{"reference_url":"https://usn.ubuntu.com/4370-1/","reference_id":"USN-4370-1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:21Z/"}],"url":"https://usn.ubuntu.com/4370-1/"},{"reference_url":"https://usn.ubuntu.com/4370-2/","reference_id":"USN-4370-2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:21Z/"}],"url":"https://usn.ubuntu.com/4370-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2020-3341"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vbmy-urt6-myha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96513?format=json","vulnerability_id":"VCID-vdhk-r67a-s3fr","summary":"A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r \r This vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software.\r For a description of this vulnerability, see the .\r Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-20128","reference_id":"","reference_type":"","scores":[{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81672","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81598","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81585","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81578","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81616","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81617","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.8162","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81642","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81651","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81656","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01625","scoring_system":"epss","scoring_elements":"0.81822","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01625","scoring_system":"epss","scoring_elements":"0.81799","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01625","scoring_system":"epss","scoring_elements":"0.81852","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01625","scoring_system":"epss","scoring_elements":"0.81845","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01625","scoring_system":"epss","scoring_elements":"0.81819","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-20128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20128"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093880","reference_id":"1093880","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093880"},{"reference_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA","reference_id":"cisco-sa-clamav-ole2-H549rphA","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-22T16:54:39Z/"}],"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA"},{"reference_url":"https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html","reference_id":"clamav-142-and-108-security-patch.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-22T16:54:39Z/"}],"url":"https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html"},{"reference_url":"https://usn.ubuntu.com/7229-1/","reference_id":"USN-7229-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7229-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050980?format=json","purl":"pkg:deb/debian/clamav@1.4.3%2Bdfsg-1~deb12u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@1.4.3%252Bdfsg-1~deb12u2"}],"aliases":["CVE-2025-20128"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vdhk-r67a-s3fr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92862?format=json","vulnerability_id":"VCID-vqyc-hxfb-ufav","summary":"ClamAV (aka Clam AntiVirus) before 0.99.2 allows remote attackers to cause a denial of service (application crash) via a crafted 7z file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1372","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.6664","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66521","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.6656","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66585","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66557","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66605","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66618","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66636","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66624","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66591","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66627","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66642","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66626","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66652","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66666","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66665","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1372"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1372","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1372"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://usn.ubuntu.com/3093-1/","reference_id":"USN-3093-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3093-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049764?format=json","purl":"pkg:deb/debian/clamav@0.100.0%2Bdfsg-0%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.100.0%252Bdfsg-0%252Bdeb8u1"}],"aliases":["CVE-2016-1372"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vqyc-hxfb-ufav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51467?format=json","vulnerability_id":"VCID-wjvc-p75d-p3a9","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could lead to arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20506","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10683","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10841","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.108","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.1074","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10918","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10982","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10808","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10884","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10937","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10938","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10905","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10883","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10742","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10755","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10881","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20506"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080962","reference_id":"1080962","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080962"},{"reference_url":"https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html","reference_id":"clamav-141-132-107-and-010312-security.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T13:34:43Z/"}],"url":"https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html"},{"reference_url":"https://security.gentoo.org/glsa/202507-03","reference_id":"GLSA-202507-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-03"},{"reference_url":"https://usn.ubuntu.com/7011-1/","reference_id":"USN-7011-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7011-1/"},{"reference_url":"https://usn.ubuntu.com/7011-2/","reference_id":"USN-7011-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7011-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050980?format=json","purl":"pkg:deb/debian/clamav@1.4.3%2Bdfsg-1~deb12u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@1.4.3%252Bdfsg-1~deb12u2"}],"aliases":["CVE-2024-20506"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wjvc-p75d-p3a9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43031?format=json","vulnerability_id":"VCID-xfzw-afgg-fqdc","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3481","reference_id":"","reference_type":"","scores":[{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86421","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86432","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86451","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.8647","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.8648","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86495","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86492","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86487","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86502","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86507","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.865","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86519","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86528","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86548","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3481"},{"reference_url":"https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html","reference_id":"clamav-01024-security-patch-released.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T17:13:21Z/"}],"url":"https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html"},{"reference_url":"https://security.gentoo.org/glsa/202007-23","reference_id":"GLSA-202007-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T17:13:21Z/"}],"url":"https://security.gentoo.org/glsa/202007-23"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/","reference_id":"IJ67VH37NCG25PICGWFWZHSVG7PBT7MC","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T17:13:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T17:13:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/","reference_id":"QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T17:13:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/"},{"reference_url":"https://usn.ubuntu.com/4435-1/","reference_id":"USN-4435-1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T17:13:21Z/"}],"url":"https://usn.ubuntu.com/4435-1/"},{"reference_url":"https://usn.ubuntu.com/4435-2/","reference_id":"USN-4435-2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T17:13:21Z/"}],"url":"https://usn.ubuntu.com/4435-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2020-3481"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xfzw-afgg-fqdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94646?format=json","vulnerability_id":"VCID-xwgq-w8k4-xbcn","summary":"A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-1252","reference_id":"","reference_type":"","scores":[{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67624","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67634","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67645","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67647","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67514","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.6755","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67571","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67549","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.676","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67614","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67637","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67623","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.6759","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67625","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67616","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-1252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1252"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986622","reference_id":"986622","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986622"},{"reference_url":"https://security.archlinux.org/AVG-1787","reference_id":"AVG-1787","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1787"},{"reference_url":"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html","reference_id":"clamav-01032-security-patch-release.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-08T20:02:36Z/"}],"url":"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"},{"reference_url":"https://usn.ubuntu.com/4918-1/","reference_id":"USN-4918-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4918-1/"},{"reference_url":"https://usn.ubuntu.com/4918-2/","reference_id":"USN-4918-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4918-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2021-1252"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xwgq-w8k4-xbcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42658?format=json","vulnerability_id":"VCID-y3k7-e14w-xqbn","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12375","reference_id":"","reference_type":"","scores":[{"value":"0.09673","scoring_system":"epss","scoring_elements":"0.92934","published_at":"2026-05-05T12:55:00Z"},{"value":"0.09673","scoring_system":"epss","scoring_elements":"0.92921","published_at":"2026-04-18T12:55:00Z"},{"value":"0.09673","scoring_system":"epss","scoring_elements":"0.92926","published_at":"2026-04-21T12:55:00Z"},{"value":"0.09673","scoring_system":"epss","scoring_elements":"0.92929","published_at":"2026-04-24T12:55:00Z"},{"value":"0.09673","scoring_system":"epss","scoring_elements":"0.92931","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09673","scoring_system":"epss","scoring_elements":"0.92927","published_at":"2026-04-29T12:55:00Z"},{"value":"0.09673","scoring_system":"epss","scoring_elements":"0.92881","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09673","scoring_system":"epss","scoring_elements":"0.92889","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09673","scoring_system":"epss","scoring_elements":"0.92894","published_at":"2026-04-04T12:55:00Z"},{"value":"0.09673","scoring_system":"epss","scoring_elements":"0.92892","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09673","scoring_system":"epss","scoring_elements":"0.929","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09673","scoring_system":"epss","scoring_elements":"0.92904","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09673","scoring_system":"epss","scoring_elements":"0.92909","published_at":"2026-04-11T12:55:00Z"},{"value":"0.09673","scoring_system":"epss","scoring_elements":"0.92907","published_at":"2026-04-12T12:55:00Z"},{"value":"0.09673","scoring_system":"epss","scoring_elements":"0.92908","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09673","scoring_system":"epss","scoring_elements":"0.92918","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12375"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12375","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12375"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888484","reference_id":"888484","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888484"},{"reference_url":"https://security.archlinux.org/ASA-201802-1","reference_id":"ASA-201802-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201802-1"},{"reference_url":"https://security.archlinux.org/AVG-601","reference_id":"AVG-601","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-601"},{"reference_url":"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html","reference_id":"clamav-0993-has-been-released.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T19:11:38Z/"}],"url":"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"},{"reference_url":"https://security.gentoo.org/glsa/201801-19","reference_id":"GLSA-201801-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-19"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html","reference_id":"msg00035.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T19:11:38Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=11940","reference_id":"show_bug.cgi?id=11940","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T19:11:38Z/"}],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=11940"},{"reference_url":"https://usn.ubuntu.com/3550-1/","reference_id":"USN-3550-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T19:11:38Z/"}],"url":"https://usn.ubuntu.com/3550-1/"},{"reference_url":"https://usn.ubuntu.com/3550-2/","reference_id":"USN-3550-2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T19:11:38Z/"}],"url":"https://usn.ubuntu.com/3550-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049764?format=json","purl":"pkg:deb/debian/clamav@0.100.0%2Bdfsg-0%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.100.0%252Bdfsg-0%252Bdeb8u1"}],"aliases":["CVE-2017-12375"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y3k7-e14w-xqbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36553?format=json","vulnerability_id":"VCID-y5mg-rpf8-cbe7","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11423.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11423.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11423","reference_id":"","reference_type":"","scores":[{"value":"0.02813","scoring_system":"epss","scoring_elements":"0.86203","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02813","scoring_system":"epss","scoring_elements":"0.86161","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02813","scoring_system":"epss","scoring_elements":"0.86153","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02813","scoring_system":"epss","scoring_elements":"0.86173","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02813","scoring_system":"epss","scoring_elements":"0.86183","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03047","scoring_system":"epss","scoring_elements":"0.86636","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03047","scoring_system":"epss","scoring_elements":"0.86655","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03047","scoring_system":"epss","scoring_elements":"0.86674","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03047","scoring_system":"epss","scoring_elements":"0.86684","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03047","scoring_system":"epss","scoring_elements":"0.86697","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03047","scoring_system":"epss","scoring_elements":"0.86694","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03047","scoring_system":"epss","scoring_elements":"0.86688","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03047","scoring_system":"epss","scoring_elements":"0.86701","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03047","scoring_system":"epss","scoring_elements":"0.86625","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11423"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11423","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11423"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6419","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6419"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472776","reference_id":"1472776","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1472776"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868956","reference_id":"868956","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868956"},{"reference_url":"https://security.archlinux.org/ASA-201802-9","reference_id":"ASA-201802-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201802-9"},{"reference_url":"https://security.archlinux.org/ASA-201803-14","reference_id":"ASA-201803-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201803-14"},{"reference_url":"https://security.archlinux.org/AVG-602","reference_id":"AVG-602","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-602"},{"reference_url":"https://security.archlinux.org/AVG-603","reference_id":"AVG-603","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-603"},{"reference_url":"https://security.gentoo.org/glsa/201804-16","reference_id":"GLSA-201804-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-16"},{"reference_url":"https://usn.ubuntu.com/3394-1/","reference_id":"USN-3394-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3394-1/"},{"reference_url":"https://usn.ubuntu.com/7788-1/","reference_id":"USN-7788-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7788-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049764?format=json","purl":"pkg:deb/debian/clamav@0.100.0%2Bdfsg-0%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.100.0%252Bdfsg-0%252Bdeb8u1"}],"aliases":["CVE-2017-11423"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y5mg-rpf8-cbe7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42663?format=json","vulnerability_id":"VCID-zbkr-bd4m-77cs","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12380","reference_id":"","reference_type":"","scores":[{"value":"0.13224","scoring_system":"epss","scoring_elements":"0.94172","published_at":"2026-05-05T12:55:00Z"},{"value":"0.13224","scoring_system":"epss","scoring_elements":"0.94144","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13224","scoring_system":"epss","scoring_elements":"0.9416","published_at":"2026-04-16T12:55:00Z"},{"value":"0.13224","scoring_system":"epss","scoring_elements":"0.94165","published_at":"2026-04-18T12:55:00Z"},{"value":"0.13224","scoring_system":"epss","scoring_elements":"0.94164","published_at":"2026-04-21T12:55:00Z"},{"value":"0.13224","scoring_system":"epss","scoring_elements":"0.94166","published_at":"2026-04-29T12:55:00Z"},{"value":"0.13224","scoring_system":"epss","scoring_elements":"0.94101","published_at":"2026-04-01T12:55:00Z"},{"value":"0.13224","scoring_system":"epss","scoring_elements":"0.94111","published_at":"2026-04-02T12:55:00Z"},{"value":"0.13224","scoring_system":"epss","scoring_elements":"0.94122","published_at":"2026-04-04T12:55:00Z"},{"value":"0.13224","scoring_system":"epss","scoring_elements":"0.94126","published_at":"2026-04-07T12:55:00Z"},{"value":"0.13224","scoring_system":"epss","scoring_elements":"0.94135","published_at":"2026-04-08T12:55:00Z"},{"value":"0.13224","scoring_system":"epss","scoring_elements":"0.94139","published_at":"2026-04-09T12:55:00Z"},{"value":"0.13224","scoring_system":"epss","scoring_elements":"0.94143","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12380"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12380"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888484","reference_id":"888484","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888484"},{"reference_url":"https://security.archlinux.org/ASA-201802-1","reference_id":"ASA-201802-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201802-1"},{"reference_url":"https://security.archlinux.org/AVG-601","reference_id":"AVG-601","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-601"},{"reference_url":"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html","reference_id":"clamav-0993-has-been-released.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T19:11:35Z/"}],"url":"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"},{"reference_url":"https://security.gentoo.org/glsa/201801-19","reference_id":"GLSA-201801-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-19"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html","reference_id":"msg00035.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T19:11:35Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=11945","reference_id":"show_bug.cgi?id=11945","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T19:11:35Z/"}],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=11945"},{"reference_url":"https://usn.ubuntu.com/3550-1/","reference_id":"USN-3550-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T19:11:35Z/"}],"url":"https://usn.ubuntu.com/3550-1/"},{"reference_url":"https://usn.ubuntu.com/3550-2/","reference_id":"USN-3550-2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-02T19:11:35Z/"}],"url":"https://usn.ubuntu.com/3550-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049764?format=json","purl":"pkg:deb/debian/clamav@0.100.0%2Bdfsg-0%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.100.0%252Bdfsg-0%252Bdeb8u1"}],"aliases":["CVE-2017-12380"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zbkr-bd4m-77cs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43030?format=json","vulnerability_id":"VCID-zeub-1qhs-pyfh","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3350","reference_id":"","reference_type":"","scores":[{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32519","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32668","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32703","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32524","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32571","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32598","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32599","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32562","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32535","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.3255","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32517","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32348","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32232","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32147","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32008","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3350"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-famp-ZEpdXy","reference_id":"cisco-sa-famp-ZEpdXy","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:27:39Z/"}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-famp-ZEpdXy"},{"reference_url":"https://security.gentoo.org/glsa/202007-23","reference_id":"GLSA-202007-23","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:27:39Z/"}],"url":"https://security.gentoo.org/glsa/202007-23"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/","reference_id":"IJ67VH37NCG25PICGWFWZHSVG7PBT7MC","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:27:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:27:39Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/","reference_id":"QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:27:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/"},{"reference_url":"https://usn.ubuntu.com/4435-1/","reference_id":"USN-4435-1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:27:39Z/"}],"url":"https://usn.ubuntu.com/4435-1/"},{"reference_url":"https://usn.ubuntu.com/4435-2/","reference_id":"USN-4435-2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:27:39Z/"}],"url":"https://usn.ubuntu.com/4435-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2020-3350"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zeub-1qhs-pyfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42659?format=json","vulnerability_id":"VCID-zys1-2pnp-h3an","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12376","reference_id":"","reference_type":"","scores":[{"value":"0.17824","scoring_system":"epss","scoring_elements":"0.95161","published_at":"2026-05-05T12:55:00Z"},{"value":"0.17824","scoring_system":"epss","scoring_elements":"0.95141","published_at":"2026-04-16T12:55:00Z"},{"value":"0.17824","scoring_system":"epss","scoring_elements":"0.95144","published_at":"2026-04-18T12:55:00Z"},{"value":"0.17824","scoring_system":"epss","scoring_elements":"0.95146","published_at":"2026-04-24T12:55:00Z"},{"value":"0.17824","scoring_system":"epss","scoring_elements":"0.95147","published_at":"2026-04-26T12:55:00Z"},{"value":"0.17824","scoring_system":"epss","scoring_elements":"0.95148","published_at":"2026-04-29T12:55:00Z"},{"value":"0.17824","scoring_system":"epss","scoring_elements":"0.95096","published_at":"2026-04-01T12:55:00Z"},{"value":"0.17824","scoring_system":"epss","scoring_elements":"0.95107","published_at":"2026-04-02T12:55:00Z"},{"value":"0.17824","scoring_system":"epss","scoring_elements":"0.95109","published_at":"2026-04-04T12:55:00Z"},{"value":"0.17824","scoring_system":"epss","scoring_elements":"0.95111","published_at":"2026-04-07T12:55:00Z"},{"value":"0.17824","scoring_system":"epss","scoring_elements":"0.95118","published_at":"2026-04-08T12:55:00Z"},{"value":"0.17824","scoring_system":"epss","scoring_elements":"0.95122","published_at":"2026-04-09T12:55:00Z"},{"value":"0.17824","scoring_system":"epss","scoring_elements":"0.95128","published_at":"2026-04-11T12:55:00Z"},{"value":"0.17824","scoring_system":"epss","scoring_elements":"0.9513","published_at":"2026-04-12T12:55:00Z"},{"value":"0.17824","scoring_system":"epss","scoring_elements":"0.95133","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12376"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888484","reference_id":"888484","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888484"},{"reference_url":"https://security.archlinux.org/ASA-201802-1","reference_id":"ASA-201802-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201802-1"},{"reference_url":"https://security.archlinux.org/AVG-601","reference_id":"AVG-601","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-601"},{"reference_url":"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html","reference_id":"clamav-0993-has-been-released.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-02T19:09:02Z/"}],"url":"http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html"},{"reference_url":"https://security.gentoo.org/glsa/201801-19","reference_id":"GLSA-201801-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-19"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html","reference_id":"msg00035.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-02T19:09:02Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00035.html"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=11942","reference_id":"show_bug.cgi?id=11942","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-02T19:09:02Z/"}],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=11942"},{"reference_url":"https://usn.ubuntu.com/3550-1/","reference_id":"USN-3550-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-02T19:09:02Z/"}],"url":"https://usn.ubuntu.com/3550-1/"},{"reference_url":"https://usn.ubuntu.com/3550-2/","reference_id":"USN-3550-2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-02T19:09:02Z/"}],"url":"https://usn.ubuntu.com/3550-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049764?format=json","purl":"pkg:deb/debian/clamav@0.100.0%2Bdfsg-0%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.100.0%252Bdfsg-0%252Bdeb8u1"}],"aliases":["CVE-2017-12376"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zys1-2pnp-h3an"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/32126?format=json","vulnerability_id":"VCID-5tr5-pbwa-kyhs","summary":"Multiple vulnerabilities have been found in ClamAV, possibly\n    resulting in Denial of Service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1463","reference_id":"","reference_type":"","scores":[{"value":"0.01613","scoring_system":"epss","scoring_elements":"0.81872","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0188","scoring_system":"epss","scoring_elements":"0.83146","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0188","scoring_system":"epss","scoring_elements":"0.83183","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0188","scoring_system":"epss","scoring_elements":"0.83184","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0188","scoring_system":"epss","scoring_elements":"0.83187","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0188","scoring_system":"epss","scoring_elements":"0.83209","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0188","scoring_system":"epss","scoring_elements":"0.83217","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0188","scoring_system":"epss","scoring_elements":"0.83224","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87644","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87654","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87667","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87668","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87689","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87695","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.87706","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03554","scoring_system":"epss","scoring_elements":"0.877","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1463"},{"reference_url":"https://security.gentoo.org/glsa/201512-08","reference_id":"GLSA-201512-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201512-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049760?format=json","purl":"pkg:deb/debian/clamav@0.98.6%2Bdfsg-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-3rrt-vgz7-8bgz"},{"vulnerability":"VCID-3uwh-y2m1-nugc"},{"vulnerability":"VCID-4eva-e818-yfgq"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-8y9g-m17c-kyey"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-aagg-bbac-rfez"},{"vulnerability":"VCID-avvd-1gv9-eyb9"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dfvv-cqbj-mubr"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-gg41-q6x3-bbbw"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-guz8-mfzu-uuc9"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-j2gt-uvam-hufk"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-ntvt-zdsj-1fgt"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-qwwa-mf8k-2fdc"},{"vulnerability":"VCID-seed-bera-73ez"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-u4qp-vcnh-c3dd"},{"vulnerability":"VCID-uzg5-a999-afhp"},{"vulnerability":"VCID-uzyz-uw16-7ufk"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-vqyc-hxfb-ufav"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-y3k7-e14w-xqbn"},{"vulnerability":"VCID-y5mg-rpf8-cbe7"},{"vulnerability":"VCID-zbkr-bd4m-77cs"},{"vulnerability":"VCID-zeub-1qhs-pyfh"},{"vulnerability":"VCID-zys1-2pnp-h3an"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.98.6%252Bdfsg-1"}],"aliases":["CVE-2015-1463"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5tr5-pbwa-kyhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/32123?format=json","vulnerability_id":"VCID-bcbq-sbmz-ayd1","summary":"Multiple vulnerabilities have been found in ClamAV, possibly\n    resulting in Denial of Service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9328","reference_id":"","reference_type":"","scores":[{"value":"0.11943","scoring_system":"epss","scoring_elements":"0.93715","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11943","scoring_system":"epss","scoring_elements":"0.93724","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11943","scoring_system":"epss","scoring_elements":"0.93735","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11943","scoring_system":"epss","scoring_elements":"0.93738","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11943","scoring_system":"epss","scoring_elements":"0.93747","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11943","scoring_system":"epss","scoring_elements":"0.9375","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11943","scoring_system":"epss","scoring_elements":"0.93754","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11943","scoring_system":"epss","scoring_elements":"0.93776","published_at":"2026-04-16T12:55:00Z"},{"value":"0.11943","scoring_system":"epss","scoring_elements":"0.93782","published_at":"2026-04-18T12:55:00Z"},{"value":"0.11943","scoring_system":"epss","scoring_elements":"0.93784","published_at":"2026-04-29T12:55:00Z"},{"value":"0.11943","scoring_system":"epss","scoring_elements":"0.93788","published_at":"2026-04-24T12:55:00Z"},{"value":"0.11943","scoring_system":"epss","scoring_elements":"0.93785","published_at":"2026-04-26T12:55:00Z"},{"value":"0.11943","scoring_system":"epss","scoring_elements":"0.93793","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9328"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9328","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9328"},{"reference_url":"https://security.gentoo.org/glsa/201512-08","reference_id":"GLSA-201512-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201512-08"},{"reference_url":"https://usn.ubuntu.com/2488-1/","reference_id":"USN-2488-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2488-1/"},{"reference_url":"https://usn.ubuntu.com/2488-2/","reference_id":"USN-2488-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2488-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049760?format=json","purl":"pkg:deb/debian/clamav@0.98.6%2Bdfsg-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-3rrt-vgz7-8bgz"},{"vulnerability":"VCID-3uwh-y2m1-nugc"},{"vulnerability":"VCID-4eva-e818-yfgq"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-8y9g-m17c-kyey"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-aagg-bbac-rfez"},{"vulnerability":"VCID-avvd-1gv9-eyb9"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dfvv-cqbj-mubr"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-gg41-q6x3-bbbw"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-guz8-mfzu-uuc9"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-j2gt-uvam-hufk"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-ntvt-zdsj-1fgt"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-qwwa-mf8k-2fdc"},{"vulnerability":"VCID-seed-bera-73ez"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-u4qp-vcnh-c3dd"},{"vulnerability":"VCID-uzg5-a999-afhp"},{"vulnerability":"VCID-uzyz-uw16-7ufk"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-vqyc-hxfb-ufav"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-y3k7-e14w-xqbn"},{"vulnerability":"VCID-y5mg-rpf8-cbe7"},{"vulnerability":"VCID-zbkr-bd4m-77cs"},{"vulnerability":"VCID-zeub-1qhs-pyfh"},{"vulnerability":"VCID-zys1-2pnp-h3an"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.98.6%252Bdfsg-1"}],"aliases":["CVE-2014-9328"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bcbq-sbmz-ayd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92534?format=json","vulnerability_id":"VCID-beus-rm7h-3qga","summary":"clamscan in ClamAV before 0.98.5, when using -a option, allows remote attackers to cause a denial of service (crash) as demonstrated by the jwplayer.js file.","references":[{"reference_url":"http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html","reference_id":"","reference_type":"","scores":[],"url":"http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144754.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144754.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6497","reference_id":"","reference_type":"","scores":[{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.60996","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.60903","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.60975","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.61004","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.60969","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.61017","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.61033","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.61054","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.6104","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.6102","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.61062","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.61067","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.61052","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.61042","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.61047","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-6497"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=11088","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=11088"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1138101","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1138101"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6497"},{"reference_url":"http://secunia.com/advisories/59645","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/59645"},{"reference_url":"http://secunia.com/advisories/60150","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/60150"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/98804","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/98804"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:217","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:217"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/11/19/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/11/19/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/11/19/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/11/19/5"},{"reference_url":"http://www.securityfocus.com/bid/71178","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/71178"},{"reference_url":"http://www.ubuntu.com/usn/USN-2423-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2423-1"},{"reference_url":"http://www.ubuntu.com/usn/USN-2488-2","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2488-2"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-6497","reference_id":"CVE-2013-6497","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-6497"},{"reference_url":"https://usn.ubuntu.com/2423-1/","reference_id":"USN-2423-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2423-1/"},{"reference_url":"https://usn.ubuntu.com/2488-2/","reference_id":"USN-2488-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2488-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049760?format=json","purl":"pkg:deb/debian/clamav@0.98.6%2Bdfsg-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-3rrt-vgz7-8bgz"},{"vulnerability":"VCID-3uwh-y2m1-nugc"},{"vulnerability":"VCID-4eva-e818-yfgq"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-8y9g-m17c-kyey"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-aagg-bbac-rfez"},{"vulnerability":"VCID-avvd-1gv9-eyb9"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dfvv-cqbj-mubr"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-gg41-q6x3-bbbw"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-guz8-mfzu-uuc9"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-j2gt-uvam-hufk"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-ntvt-zdsj-1fgt"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-qwwa-mf8k-2fdc"},{"vulnerability":"VCID-seed-bera-73ez"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-u4qp-vcnh-c3dd"},{"vulnerability":"VCID-uzg5-a999-afhp"},{"vulnerability":"VCID-uzyz-uw16-7ufk"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-vqyc-hxfb-ufav"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-y3k7-e14w-xqbn"},{"vulnerability":"VCID-y5mg-rpf8-cbe7"},{"vulnerability":"VCID-zbkr-bd4m-77cs"},{"vulnerability":"VCID-zeub-1qhs-pyfh"},{"vulnerability":"VCID-zys1-2pnp-h3an"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.98.6%252Bdfsg-1"}],"aliases":["CVE-2013-6497"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-beus-rm7h-3qga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/32124?format=json","vulnerability_id":"VCID-p5qn-njcb-1fdr","summary":"Multiple vulnerabilities have been found in ClamAV, possibly\n    resulting in Denial of Service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1461","reference_id":"","reference_type":"","scores":[{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.84948","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.84963","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.8498","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.84984","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85007","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85014","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.8503","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85028","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85025","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85046","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85048","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85045","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.8507","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85079","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85077","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85091","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1461"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1461","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1461"},{"reference_url":"https://security.gentoo.org/glsa/201512-08","reference_id":"GLSA-201512-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201512-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049760?format=json","purl":"pkg:deb/debian/clamav@0.98.6%2Bdfsg-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-3rrt-vgz7-8bgz"},{"vulnerability":"VCID-3uwh-y2m1-nugc"},{"vulnerability":"VCID-4eva-e818-yfgq"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-8y9g-m17c-kyey"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-aagg-bbac-rfez"},{"vulnerability":"VCID-avvd-1gv9-eyb9"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dfvv-cqbj-mubr"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-gg41-q6x3-bbbw"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-guz8-mfzu-uuc9"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-j2gt-uvam-hufk"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-ntvt-zdsj-1fgt"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-qwwa-mf8k-2fdc"},{"vulnerability":"VCID-seed-bera-73ez"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-u4qp-vcnh-c3dd"},{"vulnerability":"VCID-uzg5-a999-afhp"},{"vulnerability":"VCID-uzyz-uw16-7ufk"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-vqyc-hxfb-ufav"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-y3k7-e14w-xqbn"},{"vulnerability":"VCID-y5mg-rpf8-cbe7"},{"vulnerability":"VCID-zbkr-bd4m-77cs"},{"vulnerability":"VCID-zeub-1qhs-pyfh"},{"vulnerability":"VCID-zys1-2pnp-h3an"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.98.6%252Bdfsg-1"}],"aliases":["CVE-2015-1461"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p5qn-njcb-1fdr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/32125?format=json","vulnerability_id":"VCID-pwm2-bk7k-j7cm","summary":"Multiple vulnerabilities have been found in ClamAV, possibly\n    resulting in Denial of Service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1462","reference_id":"","reference_type":"","scores":[{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.84948","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.84963","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.8498","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.84984","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85007","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85014","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.8503","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85028","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85025","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85046","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85048","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85045","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.8507","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85079","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85077","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0239","scoring_system":"epss","scoring_elements":"0.85091","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1462"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1462","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1462"},{"reference_url":"https://security.gentoo.org/glsa/201512-08","reference_id":"GLSA-201512-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201512-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049760?format=json","purl":"pkg:deb/debian/clamav@0.98.6%2Bdfsg-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-3rrt-vgz7-8bgz"},{"vulnerability":"VCID-3uwh-y2m1-nugc"},{"vulnerability":"VCID-4eva-e818-yfgq"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-8y9g-m17c-kyey"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-aagg-bbac-rfez"},{"vulnerability":"VCID-avvd-1gv9-eyb9"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dfvv-cqbj-mubr"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-gg41-q6x3-bbbw"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-guz8-mfzu-uuc9"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-j2gt-uvam-hufk"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-ntvt-zdsj-1fgt"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-qwwa-mf8k-2fdc"},{"vulnerability":"VCID-seed-bera-73ez"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-u4qp-vcnh-c3dd"},{"vulnerability":"VCID-uzg5-a999-afhp"},{"vulnerability":"VCID-uzyz-uw16-7ufk"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-vqyc-hxfb-ufav"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-y3k7-e14w-xqbn"},{"vulnerability":"VCID-y5mg-rpf8-cbe7"},{"vulnerability":"VCID-zbkr-bd4m-77cs"},{"vulnerability":"VCID-zeub-1qhs-pyfh"},{"vulnerability":"VCID-zys1-2pnp-h3an"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.98.6%252Bdfsg-1"}],"aliases":["CVE-2015-1462"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pwm2-bk7k-j7cm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49704?format=json","vulnerability_id":"VCID-pzw9-7mr3-kugx","summary":"A vulnerability in Clam AntiVirus can lead to a Denial of Service\n    condition.","references":[{"reference_url":"http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html","reference_id":"","reference_type":"","scores":[],"url":"http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144979.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00003.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00007.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9050","reference_id":"","reference_type":"","scores":[{"value":"0.06887","scoring_system":"epss","scoring_elements":"0.91427","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06887","scoring_system":"epss","scoring_elements":"0.91331","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06887","scoring_system":"epss","scoring_elements":"0.91335","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06887","scoring_system":"epss","scoring_elements":"0.91345","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06887","scoring_system":"epss","scoring_elements":"0.91352","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06887","scoring_system":"epss","scoring_elements":"0.91365","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06887","scoring_system":"epss","scoring_elements":"0.91371","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06887","scoring_system":"epss","scoring_elements":"0.91378","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06887","scoring_system":"epss","scoring_elements":"0.91381","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06887","scoring_system":"epss","scoring_elements":"0.91405","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06887","scoring_system":"epss","scoring_elements":"0.91403","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06887","scoring_system":"epss","scoring_elements":"0.91415","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06887","scoring_system":"epss","scoring_elements":"0.91413","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06887","scoring_system":"epss","scoring_elements":"0.91412","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9050"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9050","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9050"},{"reference_url":"http://secunia.com/advisories/59645","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/59645"},{"reference_url":"http://secunia.com/advisories/62542","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62542"},{"reference_url":"https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/vrtadmin/clamav-devel/commit/fc3794a54d2affe5770c1f876484a871c783e91e"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/11/22/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/11/22/1"},{"reference_url":"http://www.securityfocus.com/bid/71242","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/71242"},{"reference_url":"http://www.securitytracker.com/id/1031268","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1031268"},{"reference_url":"http://www.ubuntu.com/usn/USN-2423-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2423-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770985","reference_id":"770985","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770985"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.01:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.02:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.03:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.05:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.14:pre:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.51:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.52:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.53:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.54:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.60:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.60p:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.65:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.66:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.67:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.67-1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.68:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.68.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.70:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.70:rc:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.71:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.72:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.73:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.74:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.75:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.75.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.80:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.80:rc:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.80_rc:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.80:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.80:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.80:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.80:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.81:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.81:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.82:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.83:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.84:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.84:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.84:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.85:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.85.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.86:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.86.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.86.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.86:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.87:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.87.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.7_p0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.88.7_p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.8:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90.1_p0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90.2_p0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90.3_p0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90.3_p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90:rc1.1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.90:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.91:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.91.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.91.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.91.2_p0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.91:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.91:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.92:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.92.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.92_p0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.93:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.93.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.93.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.93.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.94:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.94.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.94.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.9:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9050","reference_id":"CVE-2014-9050","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9050"},{"reference_url":"https://security.gentoo.org/glsa/201412-05","reference_id":"GLSA-201412-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-05"},{"reference_url":"https://usn.ubuntu.com/2423-1/","reference_id":"USN-2423-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2423-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049760?format=json","purl":"pkg:deb/debian/clamav@0.98.6%2Bdfsg-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1346-uavy-pbdb"},{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-32nc-x9aw-a3fb"},{"vulnerability":"VCID-3rrt-vgz7-8bgz"},{"vulnerability":"VCID-3uwh-y2m1-nugc"},{"vulnerability":"VCID-4eva-e818-yfgq"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-5hnm-hz17-2bey"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-7dcd-v8q9-b3bv"},{"vulnerability":"VCID-8s2g-2brb-tfhq"},{"vulnerability":"VCID-8y9g-m17c-kyey"},{"vulnerability":"VCID-a4nz-5cr8-13an"},{"vulnerability":"VCID-aagg-bbac-rfez"},{"vulnerability":"VCID-avvd-1gv9-eyb9"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dfvv-cqbj-mubr"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-gg41-q6x3-bbbw"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-guz8-mfzu-uuc9"},{"vulnerability":"VCID-h46v-x33x-t3ep"},{"vulnerability":"VCID-j2gt-uvam-hufk"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-mufb-kvfq-mubz"},{"vulnerability":"VCID-n51n-m2r7-kbdy"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-ntvt-zdsj-1fgt"},{"vulnerability":"VCID-nu3x-4yc8-ufg6"},{"vulnerability":"VCID-p5hg-2rdb-z3hq"},{"vulnerability":"VCID-qacw-bby8-9kdg"},{"vulnerability":"VCID-qwwa-mf8k-2fdc"},{"vulnerability":"VCID-seed-bera-73ez"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-u3pj-kant-effb"},{"vulnerability":"VCID-u4qp-vcnh-c3dd"},{"vulnerability":"VCID-uzg5-a999-afhp"},{"vulnerability":"VCID-uzyz-uw16-7ufk"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-vqyc-hxfb-ufav"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-y3k7-e14w-xqbn"},{"vulnerability":"VCID-y5mg-rpf8-cbe7"},{"vulnerability":"VCID-zbkr-bd4m-77cs"},{"vulnerability":"VCID-zeub-1qhs-pyfh"},{"vulnerability":"VCID-zys1-2pnp-h3an"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.98.6%252Bdfsg-1"}],"aliases":["CVE-2014-9050"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pzw9-7mr3-kugx"}],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.98.6%252Bdfsg-1"}