{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","type":"deb","namespace":"debian","name":"clamav","version":"0.102.3+dfsg-0~deb9u1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.4.4+dfsg-1","latest_non_vulnerable_version":"1.4.4+dfsg-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61696?format=json","vulnerability_id":"VCID-2aju-u36p-gug9","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20796","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09742","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09498","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09393","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09394","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09544","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.0959","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09557","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09515","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09425","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09584","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09656","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09632","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09665","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09731","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09726","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09448","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09497","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09409","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09483","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.0953","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09545","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09516","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20796"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20796","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20796"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/","reference_id":"7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T15:58:27Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"},{"reference_url":"https://security.archlinux.org/AVG-2722","reference_id":"AVG-2722","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2722"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/","reference_id":"BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T15:58:27Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-vL9x58p4","reference_id":"cisco-sa-clamav-dos-vL9x58p4","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T15:58:27Z/"}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-vL9x58p4"},{"reference_url":"https://security.gentoo.org/glsa/202310-01","reference_id":"GLSA-202310-01","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T15:58:27Z/"}],"url":"https://security.gentoo.org/glsa/202310-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html","reference_id":"msg00004.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T15:58:27Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/","reference_id":"N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-06T15:58:27Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"},{"reference_url":"https://usn.ubuntu.com/5423-1/","reference_id":"USN-5423-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-1/"},{"reference_url":"https://usn.ubuntu.com/5423-2/","reference_id":"USN-5423-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049767?format=json","purl":"pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1"}],"aliases":["CVE-2022-20796"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2aju-u36p-gug9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61698?format=json","vulnerability_id":"VCID-4z4r-2w8m-r7dz","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-20032","reference_id":"","reference_type":"","scores":[{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91624","published_at":"2026-05-16T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91577","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91591","published_at":"2026-05-07T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.916","published_at":"2026-05-09T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91598","published_at":"2026-05-11T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91608","published_at":"2026-05-12T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91615","published_at":"2026-05-14T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91542","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91544","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91564","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.9156","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91559","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91568","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91566","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07124","scoring_system":"epss","scoring_elements":"0.91565","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07305","scoring_system":"epss","scoring_elements":"0.91644","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07305","scoring_system":"epss","scoring_elements":"0.9165","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07305","scoring_system":"epss","scoring_elements":"0.91658","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07305","scoring_system":"epss","scoring_elements":"0.9167","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07305","scoring_system":"epss","scoring_elements":"0.91677","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-20032"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20032"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031509","reference_id":"1031509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031509"},{"reference_url":"https://security.gentoo.org/glsa/202310-01","reference_id":"GLSA-202310-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-01"},{"reference_url":"https://usn.ubuntu.com/5887-1/","reference_id":"USN-5887-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5887-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049767?format=json","purl":"pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1"}],"aliases":["CVE-2023-20032"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4z4r-2w8m-r7dz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96514?format=json","vulnerability_id":"VCID-63vt-1nc8-6kfc","summary":"A vulnerability in the PDF scanning processes of ClamAV could allow an unauthenticated, remote attacker to cause a buffer overflow condition, cause a denial of service (DoS) condition, or execute arbitrary code on an affected device.\r \r This vulnerability exists because memory buffers are allocated incorrectly when PDF files are processed. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to trigger a buffer overflow, likely resulting in the termination of the ClamAV scanning process and a DoS condition on the affected software. Although unproven, there is also a possibility that an attacker could leverage the buffer overflow to execute arbitrary code with the privileges of the ClamAV process.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-20260","reference_id":"","reference_type":"","scores":[{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72859","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.7286","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72811","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72867","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72883","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72831","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72807","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00739","scoring_system":"epss","scoring_elements":"0.72845","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.81145","published_at":"2026-05-16T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.81078","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.81096","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.81137","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.81141","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.80981","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.80983","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.81004","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.81014","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.81024","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.81038","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.8106","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01474","scoring_system":"epss","scoring_elements":"0.81082","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-20260"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20260","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20260"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108046","reference_id":"1108046","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108046"},{"reference_url":"https://security.archlinux.org/AVG-2903","reference_id":"AVG-2903","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2903"},{"reference_url":"https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html","reference_id":"clamav-143-and-109-security-patch.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-18T17:49:35Z/"}],"url":"https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html"},{"reference_url":"https://usn.ubuntu.com/7615-1/","reference_id":"USN-7615-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7615-1/"},{"reference_url":"https://usn.ubuntu.com/7615-2/","reference_id":"USN-7615-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7615-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050980?format=json","purl":"pkg:deb/debian/clamav@1.4.3%2Bdfsg-1~deb12u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@1.4.3%252Bdfsg-1~deb12u2"}],"aliases":["CVE-2025-20260"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-63vt-1nc8-6kfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43029?format=json","vulnerability_id":"VCID-cc9p-w184-zfej","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3327","reference_id":"","reference_type":"","scores":[{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91845","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.9183","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91863","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91857","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91836","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91822","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91935","published_at":"2026-05-16T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91942","published_at":"2026-05-15T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91933","published_at":"2026-05-14T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91918","published_at":"2026-05-12T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.9191","published_at":"2026-05-11T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91912","published_at":"2026-05-09T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91902","published_at":"2026-05-07T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91889","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.9188","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91876","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91878","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91882","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91862","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91867","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07618","scoring_system":"epss","scoring_elements":"0.91866","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3327"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3327"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/","reference_id":"3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/"},{"reference_url":"https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html","reference_id":"clamav-01023-security-patch-released.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html"},{"reference_url":"https://security.gentoo.org/glsa/202007-23","reference_id":"GLSA-202007-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://security.gentoo.org/glsa/202007-23"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/","reference_id":"IJ67VH37NCG25PICGWFWZHSVG7PBT7MC","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS/","reference_id":"L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/","reference_id":"QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK/","reference_id":"ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK/"},{"reference_url":"https://usn.ubuntu.com/4370-1/","reference_id":"USN-4370-1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://usn.ubuntu.com/4370-1/"},{"reference_url":"https://usn.ubuntu.com/4370-2/","reference_id":"USN-4370-2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://usn.ubuntu.com/4370-2/"},{"reference_url":"https://usn.ubuntu.com/4435-1/","reference_id":"USN-4435-1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://usn.ubuntu.com/4435-1/"},{"reference_url":"https://usn.ubuntu.com/4435-2/","reference_id":"USN-4435-2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:23Z/"}],"url":"https://usn.ubuntu.com/4435-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2020-3327"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cc9p-w184-zfej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94601?format=json","vulnerability_id":"VCID-cysq-fdzg-13dd","summary":"ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name processing through the ClamBC bytecode interpreter that allows attackers to manipulate bytecode function names. Attackers can exploit the weak input validation in function name encoding to potentially execute malicious bytecode or cause unexpected behavior in the ClamAV engine.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-37167","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00415","published_at":"2026-04-01T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00418","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00411","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00407","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00408","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00404","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00402","published_at":"2026-04-13T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00397","published_at":"2026-04-16T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00401","published_at":"2026-04-18T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00472","published_at":"2026-05-15T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00471","published_at":"2026-05-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00474","published_at":"2026-05-14T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0048","published_at":"2026-04-21T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00479","published_at":"2026-04-26T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00478","published_at":"2026-05-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00481","published_at":"2026-05-05T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00483","published_at":"2026-05-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00473","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-37167"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-37167","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-37167"},{"reference_url":"https://www.exploit-db.com/exploits/47687","reference_id":"47687","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T17:08:35Z/"}],"url":"https://www.exploit-db.com/exploits/47687"},{"reference_url":"https://github.com/Cisco-Talos/clamav/commit/cd2f2975b93277de7f74464d48adb378375a305f","reference_id":"cd2f2975b93277de7f74464d48adb378375a305f","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T17:08:35Z/"}],"url":"https://github.com/Cisco-Talos/clamav/commit/cd2f2975b93277de7f74464d48adb378375a305f"},{"reference_url":"https://www.vulncheck.com/advisories/clamav-clambc-clambc-executable-regular-expression-error","reference_id":"clamav-clambc-clambc-executable-regular-expression-error","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T17:08:35Z/"}],"url":"https://www.vulncheck.com/advisories/clamav-clambc-clambc-executable-regular-expression-error"},{"reference_url":"https://www.clamav.net/","reference_id":"www.clamav.net","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-02-13T17:08:35Z/"}],"url":"https://www.clamav.net/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2020-37167"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cysq-fdzg-13dd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61699?format=json","vulnerability_id":"VCID-d3u3-epeb-guh9","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-20052","reference_id":"","reference_type":"","scores":[{"value":"0.03563","scoring_system":"epss","scoring_elements":"0.87708","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03563","scoring_system":"epss","scoring_elements":"0.87702","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04582","scoring_system":"epss","scoring_elements":"0.89255","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04582","scoring_system":"epss","scoring_elements":"0.89263","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04582","scoring_system":"epss","scoring_elements":"0.89289","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04582","scoring_system":"epss","scoring_elements":"0.89292","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04582","scoring_system":"epss","scoring_elements":"0.8932","published_at":"2026-05-14T12:55:00Z"},{"value":"0.04582","scoring_system":"epss","scoring_elements":"0.893","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04582","scoring_system":"epss","scoring_elements":"0.89281","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04582","scoring_system":"epss","scoring_elements":"0.8933","published_at":"2026-05-16T12:55:00Z"},{"value":"0.05699","scoring_system":"epss","scoring_elements":"0.90427","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05699","scoring_system":"epss","scoring_elements":"0.90421","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05699","scoring_system":"epss","scoring_elements":"0.9042","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05699","scoring_system":"epss","scoring_elements":"0.90413","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05699","scoring_system":"epss","scoring_elements":"0.90429","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05699","scoring_system":"epss","scoring_elements":"0.9044","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05699","scoring_system":"epss","scoring_elements":"0.90439","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06327","scoring_system":"epss","scoring_elements":"0.90953","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06327","scoring_system":"epss","scoring_elements":"0.90942","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06327","scoring_system":"epss","scoring_elements":"0.90933","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-20052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20052"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031509","reference_id":"1031509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031509"},{"reference_url":"https://security.gentoo.org/glsa/202310-01","reference_id":"GLSA-202310-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-01"},{"reference_url":"https://usn.ubuntu.com/5887-1/","reference_id":"USN-5887-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5887-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049767?format=json","purl":"pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1"}],"aliases":["CVE-2023-20052"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d3u3-epeb-guh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61694?format=json","vulnerability_id":"VCID-dn26-zfsc-ryec","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20785","reference_id":"","reference_type":"","scores":[{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77215","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77342","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77135","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77323","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77334","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77312","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77284","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77278","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77263","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77258","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77224","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77232","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77231","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77191","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77194","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77165","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77146","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77179","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77188","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01222","scoring_system":"epss","scoring_elements":"0.79295","published_at":"2026-05-16T12:55:00Z"},{"value":"0.01222","scoring_system":"epss","scoring_elements":"0.79279","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01222","scoring_system":"epss","scoring_elements":"0.7929","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20785"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/","reference_id":"7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:30Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"},{"reference_url":"https://security.archlinux.org/AVG-2722","reference_id":"AVG-2722","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2722"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/","reference_id":"BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:30Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-html-XAuOK8mR","reference_id":"cisco-sa-clamav-html-XAuOK8mR","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:30Z/"}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-html-XAuOK8mR"},{"reference_url":"https://security.gentoo.org/glsa/202310-01","reference_id":"GLSA-202310-01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:30Z/"}],"url":"https://security.gentoo.org/glsa/202310-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html","reference_id":"msg00004.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:30Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/","reference_id":"N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:30Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"},{"reference_url":"https://usn.ubuntu.com/5423-1/","reference_id":"USN-5423-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-1/"},{"reference_url":"https://usn.ubuntu.com/5423-2/","reference_id":"USN-5423-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049767?format=json","purl":"pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1"}],"aliases":["CVE-2022-20785"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dn26-zfsc-ryec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94647?format=json","vulnerability_id":"VCID-egd5-p68y-wfdy","summary":"A vulnerability in the PDF parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper buffer size tracking that may result in a heap buffer over-read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-1404","reference_id":"","reference_type":"","scores":[{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63749","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63675","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63726","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63735","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63475","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63534","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63562","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63527","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63579","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63596","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63611","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63598","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63607","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.6359","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63608","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63621","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63615","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63588","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63631","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63684","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63649","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-1404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1404"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986622","reference_id":"986622","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986622"},{"reference_url":"https://security.archlinux.org/AVG-1787","reference_id":"AVG-1787","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1787"},{"reference_url":"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html","reference_id":"clamav-01032-security-patch-release.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-08T20:02:31Z/"}],"url":"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"},{"reference_url":"https://usn.ubuntu.com/4918-1/","reference_id":"USN-4918-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4918-1/"},{"reference_url":"https://usn.ubuntu.com/4918-2/","reference_id":"USN-4918-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4918-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2021-1404"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-egd5-p68y-wfdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61692?format=json","vulnerability_id":"VCID-fp31-7krz-abbs","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20770","reference_id":"","reference_type":"","scores":[{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75228","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75081","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75076","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75055","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75044","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75175","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75166","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75184","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75161","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75134","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75125","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75121","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75117","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75079","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75089","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75242","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00861","scoring_system":"epss","scoring_elements":"0.75233","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00885","scoring_system":"epss","scoring_elements":"0.75436","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00885","scoring_system":"epss","scoring_elements":"0.75372","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00885","scoring_system":"epss","scoring_elements":"0.75405","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00885","scoring_system":"epss","scoring_elements":"0.75384","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00885","scoring_system":"epss","scoring_elements":"0.75427","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20770"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20770","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20770"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/","reference_id":"7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"},{"reference_url":"https://security.archlinux.org/AVG-2722","reference_id":"AVG-2722","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2722"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/","reference_id":"BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-prVGcHLd","reference_id":"cisco-sa-clamav-dos-prVGcHLd","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:32Z/"}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-prVGcHLd"},{"reference_url":"https://security.gentoo.org/glsa/202310-01","reference_id":"GLSA-202310-01","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:32Z/"}],"url":"https://security.gentoo.org/glsa/202310-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html","reference_id":"msg00004.html","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:32Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/","reference_id":"N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"},{"reference_url":"https://usn.ubuntu.com/5423-1/","reference_id":"USN-5423-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-1/"},{"reference_url":"https://usn.ubuntu.com/5423-2/","reference_id":"USN-5423-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049767?format=json","purl":"pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1"}],"aliases":["CVE-2022-20770"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fp31-7krz-abbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51466?format=json","vulnerability_id":"VCID-ggz7-h35v-p7ep","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could lead to arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20505","reference_id":"","reference_type":"","scores":[{"value":"0.00803","scoring_system":"epss","scoring_elements":"0.74059","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00803","scoring_system":"epss","scoring_elements":"0.74107","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00803","scoring_system":"epss","scoring_elements":"0.74092","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00803","scoring_system":"epss","scoring_elements":"0.74062","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00803","scoring_system":"epss","scoring_elements":"0.74088","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75751","published_at":"2026-05-16T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75672","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75727","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75742","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75554","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75532","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75523","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75566","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75571","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75558","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75596","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75601","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75605","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75616","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75645","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75671","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0089","scoring_system":"epss","scoring_elements":"0.75656","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20505"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20505","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20505"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080962","reference_id":"1080962","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080962"},{"reference_url":"https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html","reference_id":"clamav-141-132-107-and-010312-security.html","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T13:35:13Z/"}],"url":"https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html"},{"reference_url":"https://security.gentoo.org/glsa/202507-03","reference_id":"GLSA-202507-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-03"},{"reference_url":"https://usn.ubuntu.com/7011-1/","reference_id":"USN-7011-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7011-1/"},{"reference_url":"https://usn.ubuntu.com/7011-2/","reference_id":"USN-7011-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7011-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050980?format=json","purl":"pkg:deb/debian/clamav@1.4.3%2Bdfsg-1~deb12u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@1.4.3%252Bdfsg-1~deb12u2"}],"aliases":["CVE-2024-20505"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ggz7-h35v-p7ep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61695?format=json","vulnerability_id":"VCID-kurn-1uay-qqap","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20792","reference_id":"","reference_type":"","scores":[{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33538","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33466","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34126","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33442","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33531","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33491","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33421","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34157","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34018","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34061","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34092","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.3409","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34048","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34024","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34059","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34047","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34012","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33642","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33622","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37595","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37554","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37573","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20792"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/AVG-2722","reference_id":"AVG-2722","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2722"},{"reference_url":"https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html","reference_id":"clamav-01050-01043-01036-released.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-01T18:42:21Z/"}],"url":"https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html"},{"reference_url":"https://security.gentoo.org/glsa/202310-01","reference_id":"GLSA-202310-01","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-01T18:42:21Z/"}],"url":"https://security.gentoo.org/glsa/202310-01"},{"reference_url":"https://usn.ubuntu.com/5423-1/","reference_id":"USN-5423-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-1/"},{"reference_url":"https://usn.ubuntu.com/5423-2/","reference_id":"USN-5423-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049767?format=json","purl":"pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1"}],"aliases":["CVE-2022-20792"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kurn-1uay-qqap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51462?format=json","vulnerability_id":"VCID-mdfk-5ked-t3bu","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could lead to arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-20197","reference_id":"","reference_type":"","scores":[{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63244","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63082","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63111","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63076","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63128","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63146","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63163","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63148","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63125","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.6316","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63167","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.6317","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63184","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63183","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63149","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63192","published_at":"2026-05-07T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66151","published_at":"2026-05-16T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66052","published_at":"2026-05-11T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66072","published_at":"2026-05-12T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66128","published_at":"2026-05-14T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66138","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-20197"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20197","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20197"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050057","reference_id":"1050057","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050057"},{"reference_url":"https://security.gentoo.org/glsa/202507-03","reference_id":"GLSA-202507-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-03"},{"reference_url":"https://usn.ubuntu.com/6303-1/","reference_id":"USN-6303-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6303-1/"},{"reference_url":"https://usn.ubuntu.com/6303-2/","reference_id":"USN-6303-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6303-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049767?format=json","purl":"pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1"}],"aliases":["CVE-2023-20197"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mdfk-5ked-t3bu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61691?format=json","vulnerability_id":"VCID-mu6w-nub4-z3ef","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20698","reference_id":"","reference_type":"","scores":[{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.4742","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47528","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47476","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47447","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47505","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47485","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47549","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47497","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47552","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47548","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47572","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47556","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47614","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47607","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47558","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47557","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00243","scoring_system":"epss","scoring_elements":"0.47504","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52676","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.5266","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.5267","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20698"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20698","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20698"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html","reference_id":"clamav-01035-and-01042-security-patch.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:57Z/"}],"url":"https://blog.clamav.net/2022/01/clamav-01035-and-01042-security-patch.html"},{"reference_url":"https://security.gentoo.org/glsa/202310-01","reference_id":"GLSA-202310-01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:57Z/"}],"url":"https://security.gentoo.org/glsa/202310-01"},{"reference_url":"https://usn.ubuntu.com/5233-1/","reference_id":"USN-5233-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5233-1/"},{"reference_url":"https://usn.ubuntu.com/5233-2/","reference_id":"USN-5233-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5233-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2022-20698"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mu6w-nub4-z3ef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40170?format=json","vulnerability_id":"VCID-new8-u5x9-nkeb","summary":"A vulnerability in ClamAV could lead to a Denial of Service\n    condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-1405","reference_id":"","reference_type":"","scores":[{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81263","published_at":"2026-05-16T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81156","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81177","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81199","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81195","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81213","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81255","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81259","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81005","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81014","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81037","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81064","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81071","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81089","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81075","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81068","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81106","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81108","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81105","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81129","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81136","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01493","scoring_system":"epss","scoring_elements":"0.81143","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-1405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1405"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986622","reference_id":"986622","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986622"},{"reference_url":"https://security.archlinux.org/AVG-1787","reference_id":"AVG-1787","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1787"},{"reference_url":"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html","reference_id":"clamav-01032-security-patch-release.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-08T20:02:34Z/"}],"url":"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"},{"reference_url":"https://security.gentoo.org/glsa/202104-07","reference_id":"GLSA-202104-07","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-08T20:02:34Z/"}],"url":"https://security.gentoo.org/glsa/202104-07"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html","reference_id":"msg00012.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-08T20:02:34Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html"},{"reference_url":"https://usn.ubuntu.com/4918-1/","reference_id":"USN-4918-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4918-1/"},{"reference_url":"https://usn.ubuntu.com/4918-2/","reference_id":"USN-4918-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4918-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2021-1405"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-new8-u5x9-nkeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61693?format=json","vulnerability_id":"VCID-tzph-y73s-6qb9","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could result in remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20771","reference_id":"","reference_type":"","scores":[{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76978","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76839","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76824","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76804","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76797","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76928","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76912","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76924","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76907","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76877","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76887","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76875","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76868","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76836","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76845","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76999","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00983","scoring_system":"epss","scoring_elements":"0.76993","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0101","scoring_system":"epss","scoring_elements":"0.77099","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0101","scoring_system":"epss","scoring_elements":"0.77047","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0101","scoring_system":"epss","scoring_elements":"0.77076","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0101","scoring_system":"epss","scoring_elements":"0.77057","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0101","scoring_system":"epss","scoring_elements":"0.77089","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-20771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20771"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/","reference_id":"7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:31Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7RV6BLIATIJE74SQ6NG5ZC4JK5MMDQ2R/"},{"reference_url":"https://security.archlinux.org/AVG-2722","reference_id":"AVG-2722","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2722"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/","reference_id":"BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:31Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BX5ZXNHP4NFYQ5BFSKY3WT7NTBZUYG7L/"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-ZAZBwRVG","reference_id":"cisco-sa-clamav-dos-ZAZBwRVG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:31Z/"}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-ZAZBwRVG"},{"reference_url":"https://security.gentoo.org/glsa/202310-01","reference_id":"GLSA-202310-01","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:31Z/"}],"url":"https://security.gentoo.org/glsa/202310-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html","reference_id":"msg00004.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:31Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00004.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/","reference_id":"N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-06T16:01:31Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4NNBIJVG6Z4PDIKUZXTYXICYUAYAZ56/"},{"reference_url":"https://usn.ubuntu.com/5423-1/","reference_id":"USN-5423-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-1/"},{"reference_url":"https://usn.ubuntu.com/5423-2/","reference_id":"USN-5423-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5423-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049767?format=json","purl":"pkg:deb/debian/clamav@0.103.10%2Bdfsg-0%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.10%252Bdfsg-0%252Bdeb11u1"}],"aliases":["CVE-2022-20771"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tzph-y73s-6qb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94570?format=json","vulnerability_id":"VCID-vbmy-urt6-myha","summary":"A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3341","reference_id":"","reference_type":"","scores":[{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.8869","published_at":"2026-05-16T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88578","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88579","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88592","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88588","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88602","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88608","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88606","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88618","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88633","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88647","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88644","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88656","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88682","published_at":"2026-05-14T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88691","published_at":"2026-05-15T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88522","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.8853","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88547","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88551","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88569","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88574","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04089","scoring_system":"epss","scoring_elements":"0.88586","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3341"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/","reference_id":"3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/"},{"reference_url":"https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html","reference_id":"clamav-01023-security-patch-released.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:21Z/"}],"url":"https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS/","reference_id":"L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK/","reference_id":"ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK/"},{"reference_url":"https://usn.ubuntu.com/4370-1/","reference_id":"USN-4370-1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:21Z/"}],"url":"https://usn.ubuntu.com/4370-1/"},{"reference_url":"https://usn.ubuntu.com/4370-2/","reference_id":"USN-4370-2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:21:21Z/"}],"url":"https://usn.ubuntu.com/4370-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2020-3341"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vbmy-urt6-myha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96513?format=json","vulnerability_id":"VCID-vdhk-r67a-s3fr","summary":"A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r \r This vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software.\r For a description of this vulnerability, see the .\r Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-20128","reference_id":"","reference_type":"","scores":[{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81778","published_at":"2026-05-16T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.8162","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81642","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81651","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81656","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81672","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81694","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81718","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81734","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81775","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81777","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81598","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81585","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81578","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81616","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01581","scoring_system":"epss","scoring_elements":"0.81617","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01625","scoring_system":"epss","scoring_elements":"0.81799","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01625","scoring_system":"epss","scoring_elements":"0.81822","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01625","scoring_system":"epss","scoring_elements":"0.81819","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01625","scoring_system":"epss","scoring_elements":"0.81845","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01625","scoring_system":"epss","scoring_elements":"0.81852","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-20128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20128"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093880","reference_id":"1093880","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093880"},{"reference_url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA","reference_id":"cisco-sa-clamav-ole2-H549rphA","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-22T16:54:39Z/"}],"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA"},{"reference_url":"https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html","reference_id":"clamav-142-and-108-security-patch.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-22T16:54:39Z/"}],"url":"https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html"},{"reference_url":"https://usn.ubuntu.com/7229-1/","reference_id":"USN-7229-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7229-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050980?format=json","purl":"pkg:deb/debian/clamav@1.4.3%2Bdfsg-1~deb12u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@1.4.3%252Bdfsg-1~deb12u2"}],"aliases":["CVE-2025-20128"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vdhk-r67a-s3fr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51467?format=json","vulnerability_id":"VCID-wjvc-p75d-p3a9","summary":"Multiple vulnerabilities have been discovered in ClamAV, the worst of which could lead to arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20506","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10997","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10889","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10873","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.1097","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10918","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10982","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10808","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10884","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10937","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10938","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10905","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10883","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10742","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10755","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10881","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10841","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.108","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.1074","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10683","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10817","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-20506"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20506","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-20506"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080962","reference_id":"1080962","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080962"},{"reference_url":"https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html","reference_id":"clamav-141-132-107-and-010312-security.html","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-05T13:34:43Z/"}],"url":"https://blog.clamav.net/2024/09/clamav-141-132-107-and-010312-security.html"},{"reference_url":"https://security.gentoo.org/glsa/202507-03","reference_id":"GLSA-202507-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-03"},{"reference_url":"https://usn.ubuntu.com/7011-1/","reference_id":"USN-7011-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7011-1/"},{"reference_url":"https://usn.ubuntu.com/7011-2/","reference_id":"USN-7011-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7011-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050980?format=json","purl":"pkg:deb/debian/clamav@1.4.3%2Bdfsg-1~deb12u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5kba-63mx-hya7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@1.4.3%252Bdfsg-1~deb12u2"}],"aliases":["CVE-2024-20506"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wjvc-p75d-p3a9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43031?format=json","vulnerability_id":"VCID-xfzw-afgg-fqdc","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3481","reference_id":"","reference_type":"","scores":[{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86637","published_at":"2026-05-16T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86432","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86487","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86502","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86507","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.865","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86519","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86528","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86548","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86567","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86584","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.8658","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86592","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86625","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86635","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86421","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86451","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.8647","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.8648","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86495","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02963","scoring_system":"epss","scoring_elements":"0.86492","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3481"},{"reference_url":"https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html","reference_id":"clamav-01024-security-patch-released.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T17:13:21Z/"}],"url":"https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html"},{"reference_url":"https://security.gentoo.org/glsa/202007-23","reference_id":"GLSA-202007-23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T17:13:21Z/"}],"url":"https://security.gentoo.org/glsa/202007-23"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/","reference_id":"IJ67VH37NCG25PICGWFWZHSVG7PBT7MC","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T17:13:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T17:13:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/","reference_id":"QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T17:13:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/"},{"reference_url":"https://usn.ubuntu.com/4435-1/","reference_id":"USN-4435-1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T17:13:21Z/"}],"url":"https://usn.ubuntu.com/4435-1/"},{"reference_url":"https://usn.ubuntu.com/4435-2/","reference_id":"USN-4435-2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-13T17:13:21Z/"}],"url":"https://usn.ubuntu.com/4435-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2020-3481"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xfzw-afgg-fqdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94646?format=json","vulnerability_id":"VCID-xwgq-w8k4-xbcn","summary":"A vulnerability in the Excel XLM macro parsing module in Clam AntiVirus (ClamAV) Software versions 0.103.0 and 0.103.1 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper error handling that may result in an infinite loop. An attacker could exploit this vulnerability by sending a crafted Excel file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process hang, resulting in a denial of service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-1252","reference_id":"","reference_type":"","scores":[{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67784","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.677","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67758","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67771","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67514","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.6755","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67571","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67549","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.676","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67614","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67637","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67623","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.6759","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67625","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67616","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67634","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67645","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67647","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67624","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67667","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67703","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67674","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-1252"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1252","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1252"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986622","reference_id":"986622","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986622"},{"reference_url":"https://security.archlinux.org/AVG-1787","reference_id":"AVG-1787","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1787"},{"reference_url":"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html","reference_id":"clamav-01032-security-patch-release.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-08T20:02:36Z/"}],"url":"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"},{"reference_url":"https://usn.ubuntu.com/4918-1/","reference_id":"USN-4918-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4918-1/"},{"reference_url":"https://usn.ubuntu.com/4918-2/","reference_id":"USN-4918-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4918-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2021-1252"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xwgq-w8k4-xbcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43030?format=json","vulnerability_id":"VCID-zeub-1qhs-pyfh","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3350","reference_id":"","reference_type":"","scores":[{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32099","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32562","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32535","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.3255","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32517","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32348","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32232","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32147","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32008","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32073","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32082","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.31988","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32011","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32079","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.321","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32519","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32668","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32703","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32524","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32571","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32598","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00131","scoring_system":"epss","scoring_elements":"0.32599","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3350"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-famp-ZEpdXy","reference_id":"cisco-sa-famp-ZEpdXy","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:27:39Z/"}],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-famp-ZEpdXy"},{"reference_url":"https://security.gentoo.org/glsa/202007-23","reference_id":"GLSA-202007-23","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:27:39Z/"}],"url":"https://security.gentoo.org/glsa/202007-23"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/","reference_id":"IJ67VH37NCG25PICGWFWZHSVG7PBT7MC","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:27:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IJ67VH37NCG25PICGWFWZHSVG7PBT7MC/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:27:39Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/","reference_id":"QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:27:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QM7EXJHDEZJLWM2NKH6TCDXOBP5NNYIN/"},{"reference_url":"https://usn.ubuntu.com/4435-1/","reference_id":"USN-4435-1","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:27:39Z/"}],"url":"https://usn.ubuntu.com/4435-1/"},{"reference_url":"https://usn.ubuntu.com/4435-2/","reference_id":"USN-4435-2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:27:39Z/"}],"url":"https://usn.ubuntu.com/4435-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049766?format=json","purl":"pkg:deb/debian/clamav@0.103.6%2Bdfsg-0%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.103.6%252Bdfsg-0%252Bdeb10u1"}],"aliases":["CVE-2020-3350"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zeub-1qhs-pyfh"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48554?format=json","vulnerability_id":"VCID-1346-uavy-pbdb","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:55Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:55Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1787","reference_id":"","reference_type":"","scores":[{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90293","published_at":"2026-05-16T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.9016","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90229","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90226","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90238","published_at":"2026-05-05T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90254","published_at":"2026-05-07T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90265","published_at":"2026-05-09T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90259","published_at":"2026-05-11T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90268","published_at":"2026-05-12T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90283","published_at":"2026-05-14T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90291","published_at":"2026-05-15T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90157","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90172","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90177","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90193","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90198","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90207","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90206","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90201","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90219","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05473","scoring_system":"epss","scoring_elements":"0.90216","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1787"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:55Z/"}],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1787"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:55Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1787","reference_id":"CVE-2019-1787","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1787"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:55Z/"}],"url":"https://security.gentoo.org/glsa/201904-12"},{"reference_url":"https://usn.ubuntu.com/3940-1/","reference_id":"USN-3940-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3940-1/"},{"reference_url":"https://usn.ubuntu.com/3940-2/","reference_id":"USN-3940-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3940-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-1787"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1346-uavy-pbdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93946?format=json","vulnerability_id":"VCID-32nc-x9aw-a3fb","summary":"ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:22:32Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:22:32Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12625","reference_id":"","reference_type":"","scores":[{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84396","published_at":"2026-05-16T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84153","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84334","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84351","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84383","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84393","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.8414","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84171","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84173","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84195","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84201","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84219","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84214","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.8421","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84232","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84233","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84237","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84262","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.8427","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84274","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84292","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84318","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0214","scoring_system":"epss","scoring_elements":"0.84335","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12625"},{"reference_url":"https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:22:32Z/"}],"url":"https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12625","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12625"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934359","reference_id":"934359","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934359"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12625","reference_id":"CVE-2019-12625","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12625"},{"reference_url":"https://usn.ubuntu.com/4146-1/","reference_id":"USN-4146-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4146-1/"},{"reference_url":"https://usn.ubuntu.com/4146-2/","reference_id":"USN-4146-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4146-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-12625"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-32nc-x9aw-a3fb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47380?format=json","vulnerability_id":"VCID-5hnm-hz17-2bey","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15961","reference_id":"","reference_type":"","scores":[{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84626","published_at":"2026-05-16T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84497","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84506","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.8451","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84527","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84554","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.8457","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84567","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84584","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84615","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84624","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84373","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84388","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84408","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84411","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84432","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84437","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84456","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.8445","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84446","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84468","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.84469","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02206","scoring_system":"epss","scoring_elements":"0.8447","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15961"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945265","reference_id":"945265","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945265"},{"reference_url":"https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010","reference_id":"CSCvr56010","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:50Z/"}],"url":"https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010"},{"reference_url":"https://security.gentoo.org/glsa/202003-46","reference_id":"GLSA-202003-46","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:50Z/"}],"url":"https://security.gentoo.org/glsa/202003-46"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html","reference_id":"msg00016.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:50Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=12380","reference_id":"show_bug.cgi?id=12380","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:50Z/"}],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=12380"},{"reference_url":"https://usn.ubuntu.com/4230-1/","reference_id":"USN-4230-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4230-1/"},{"reference_url":"https://usn.ubuntu.com/4230-2/","reference_id":"USN-4230-2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:50Z/"}],"url":"https://usn.ubuntu.com/4230-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-15961"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5hnm-hz17-2bey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48550?format=json","vulnerability_id":"VCID-7dcd-v8q9-b3bv","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15378","reference_id":"","reference_type":"","scores":[{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.82053","published_at":"2026-05-16T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81945","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81965","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.8199","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81987","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.82004","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.82045","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.82052","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81783","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81794","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81817","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81814","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.8184","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81847","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81866","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81854","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81849","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81886","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81888","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81911","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81921","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01624","scoring_system":"epss","scoring_elements":"0.81926","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15378"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://secuniaresearch.flexerasoftware.com/advisories/83000/","reference_id":"83000","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T18:47:40Z/"}],"url":"https://secuniaresearch.flexerasoftware.com/advisories/83000/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910430","reference_id":"910430","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910430"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T18:47:40Z/"}],"url":"https://security.gentoo.org/glsa/201904-12"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/10/msg00014.html","reference_id":"msg00014.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T18:47:40Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/10/msg00014.html"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=12170","reference_id":"show_bug.cgi?id=12170","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T18:47:40Z/"}],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=12170"},{"reference_url":"https://www.flexera.com/company/secunia-research/advisories/SR-2018-23.html","reference_id":"SR-2018-23.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T18:47:40Z/"}],"url":"https://www.flexera.com/company/secunia-research/advisories/SR-2018-23.html"},{"reference_url":"https://usn.ubuntu.com/3789-1/","reference_id":"USN-3789-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T18:47:40Z/"}],"url":"https://usn.ubuntu.com/3789-1/"},{"reference_url":"https://usn.ubuntu.com/3789-2/","reference_id":"USN-3789-2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-25T18:47:40Z/"}],"url":"https://usn.ubuntu.com/3789-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2018-15378"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7dcd-v8q9-b3bv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48553?format=json","vulnerability_id":"VCID-8s2g-2brb-tfhq","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1786","reference_id":"","reference_type":"","scores":[{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.8814","published_at":"2026-05-16T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88042","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88048","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.8806","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88075","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.8809","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88088","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88102","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88132","published_at":"2026-05-14T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88139","published_at":"2026-05-15T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.87954","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.87964","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.87978","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.87982","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88002","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88009","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.8802","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88013","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88027","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88025","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03741","scoring_system":"epss","scoring_elements":"0.88026","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1786"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:57Z/"}],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12149"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:57Z/"}],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12168"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1786"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.101.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.101.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.101.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.101.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.101.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.101.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1786","reference_id":"CVE-2019-1786","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1786"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:57Z/"}],"url":"https://security.gentoo.org/glsa/201904-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-1786"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8s2g-2brb-tfhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48556?format=json","vulnerability_id":"VCID-a4nz-5cr8-13an","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1789","reference_id":"","reference_type":"","scores":[{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69563","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69465","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.6949","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69537","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69549","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.6928","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69293","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.6931","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.6929","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.6934","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69357","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69379","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69363","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.6935","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69388","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69399","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.6943","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69437","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69442","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69419","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69462","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00596","scoring_system":"epss","scoring_elements":"0.69497","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1789"},{"reference_url":"https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:22:31Z/"}],"url":"https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1789","reference_id":"CVE-2019-1789","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1789"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201904-12"},{"reference_url":"https://usn.ubuntu.com/3940-1/","reference_id":"USN-3940-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3940-1/"},{"reference_url":"https://usn.ubuntu.com/3940-2/","reference_id":"USN-3940-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3940-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-1789"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a4nz-5cr8-13an"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48547?format=json","vulnerability_id":"VCID-h46v-x33x-t3ep","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0360","reference_id":"","reference_type":"","scores":[{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.78974","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.7903","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.7902","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79048","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79045","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79044","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79077","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79083","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79098","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.7911","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79131","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79148","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79145","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79161","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.78981","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79006","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.78991","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79015","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79022","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01215","scoring_system":"epss","scoring_elements":"0.79046","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01272","scoring_system":"epss","scoring_elements":"0.79714","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01272","scoring_system":"epss","scoring_elements":"0.79719","published_at":"2026-05-16T12:55:00Z"},{"value":"0.01272","scoring_system":"epss","scoring_elements":"0.79709","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0360"},{"reference_url":"https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:29Z/"}],"url":"https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0360"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"},{"reference_url":"https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:29Z/"}],"url":"https://secuniaresearch.flexerasoftware.com/secunia_research/2018-12/"},{"reference_url":"http://www.securitytracker.com/id/1041367","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:29Z/"}],"url":"http://www.securitytracker.com/id/1041367"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0360","reference_id":"CVE-2018-0360","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0360"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:29Z/"}],"url":"https://security.gentoo.org/glsa/201904-12"},{"reference_url":"https://usn.ubuntu.com/3722-1/","reference_id":"USN-3722-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:29Z/"}],"url":"https://usn.ubuntu.com/3722-1/"},{"reference_url":"https://usn.ubuntu.com/3722-2/","reference_id":"USN-3722-2","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:29Z/"}],"url":"https://usn.ubuntu.com/3722-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2018-0360"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h46v-x33x-t3ep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48551?format=json","vulnerability_id":"VCID-mufb-kvfq-mubz","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1785","reference_id":"","reference_type":"","scores":[{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53689","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53515","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53562","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53615","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53578","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53603","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53674","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53684","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53517","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.5354","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53566","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53535","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53585","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53581","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53631","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53613","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53596","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53633","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53638","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53621","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53584","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53561","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1785"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=12284","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T17:21:23Z/"}],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=12284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1785"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.101.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.101.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.101.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.101.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:0.101.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:0.101.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1785","reference_id":"CVE-2019-1785","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1785"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-19T17:21:23Z/"}],"url":"https://security.gentoo.org/glsa/201904-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-1785"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mufb-kvfq-mubz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72794?format=json","vulnerability_id":"VCID-n51n-m2r7-kbdy","summary":"bzip2: bzip2: Data integrity error when decompressing (with data integrity tests fail).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12900.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12900.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12900","reference_id":"","reference_type":"","scores":[{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78226","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78211","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78277","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78294","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78206","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78174","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78179","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.7818","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78333","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78347","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78146","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78282","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78168","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78143","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78137","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78111","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78129","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78355","published_at":"2026-05-16T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.7815","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78265","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78239","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01132","scoring_system":"epss","scoring_elements":"0.78283","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01132","scoring_system":"epss","scoring_elements":"0.7829","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2332075","reference_id":"2332075","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2332075"},{"reference_url":"https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc","reference_id":"74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930886","reference_id":"930886","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930886"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934359","reference_id":"934359","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934359"},{"reference_url":"https://support.f5.com/csp/article/K68713584?utm_source=f5support&amp%3Butm_medium=RSS","reference_id":"K68713584?utm_source=f5support&amp%3Butm_medium=RSS","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://support.f5.com/csp/article/K68713584?utm_source=f5support&amp%3Butm_medium=RSS"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html","reference_id":"msg00012.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html","reference_id":"msg00014.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html","reference_id":"msg00040.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html","reference_id":"msg00050.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html"},{"reference_url":"https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774%40%3Cuser.flink.apache.org%3E","reference_id":"rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774%40%3Cuser.flink.apache.org%3E","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774%40%3Cuser.flink.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4%40%3Cuser.flink.apache.org%3E","reference_id":"rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4%40%3Cuser.flink.apache.org%3E","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4%40%3Cuser.flink.apache.org%3E"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10803","reference_id":"RHSA-2024:10803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8922","reference_id":"RHSA-2024:8922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0733","reference_id":"RHSA-2025:0733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0925","reference_id":"RHSA-2025:0925","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0925"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1154","reference_id":"RHSA-2025:1154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1154"},{"reference_url":"https://usn.ubuntu.com/4038-1/","reference_id":"USN-4038-1","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://usn.ubuntu.com/4038-1/"},{"reference_url":"https://usn.ubuntu.com/4038-2/","reference_id":"USN-4038-2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://usn.ubuntu.com/4038-2/"},{"reference_url":"https://usn.ubuntu.com/4146-1/","reference_id":"USN-4146-1","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://usn.ubuntu.com/4146-1/"},{"reference_url":"https://usn.ubuntu.com/4146-2/","reference_id":"USN-4146-2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:54:12Z/"}],"url":"https://usn.ubuntu.com/4146-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-12900"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n51n-m2r7-kbdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48548?format=json","vulnerability_id":"VCID-nu3x-4yc8-ufg6","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0361","reference_id":"","reference_type":"","scores":[{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72399","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72497","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72486","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72528","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72536","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72534","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72525","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72554","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.7258","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72543","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72569","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72404","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72422","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.724","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72438","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72451","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72474","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72456","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72446","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72488","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76875","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76866","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00974","scoring_system":"epss","scoring_elements":"0.76851","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-0361"},{"reference_url":"https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:27Z/"}],"url":"https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0361"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:27Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00020.html"},{"reference_url":"http://www.securitytracker.com/id/1041367","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:27Z/"}],"url":"http://www.securitytracker.com/id/1041367"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0361","reference_id":"CVE-2018-0361","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-0361"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-29T14:37:27Z/"}],"url":"https://security.gentoo.org/glsa/201904-12"},{"reference_url":"https://usn.ubuntu.com/3722-1/","reference_id":"USN-3722-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3722-1/"},{"reference_url":"https://usn.ubuntu.com/3722-2/","reference_id":"USN-3722-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3722-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2018-0361"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nu3x-4yc8-ufg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48555?format=json","vulnerability_id":"VCID-p5hg-2rdb-z3hq","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:54Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00062.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:54Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00064.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1788","reference_id":"","reference_type":"","scores":[{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92939","published_at":"2026-05-15T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92827","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92868","published_at":"2026-04-24T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.9287","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92866","published_at":"2026-04-29T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92875","published_at":"2026-05-05T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92888","published_at":"2026-05-07T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92899","published_at":"2026-05-09T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92902","published_at":"2026-05-11T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.9291","published_at":"2026-05-12T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92933","published_at":"2026-05-16T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.9282","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.9283","published_at":"2026-04-04T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92829","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92838","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92841","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92846","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92856","published_at":"2026-04-16T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92857","published_at":"2026-04-18T12:55:00Z"},{"value":"0.09531","scoring_system":"epss","scoring_elements":"0.92862","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1788"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:54Z/"}],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12166"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1788"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00019.html"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1788","reference_id":"CVE-2019-1788","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1788"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:54Z/"}],"url":"https://security.gentoo.org/glsa/201904-12"},{"reference_url":"https://usn.ubuntu.com/3940-1/","reference_id":"USN-3940-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3940-1/"},{"reference_url":"https://usn.ubuntu.com/3940-2/","reference_id":"USN-3940-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3940-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-1788"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p5hg-2rdb-z3hq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48557?format=json","vulnerability_id":"VCID-qacw-bby8-9kdg","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1798","reference_id":"","reference_type":"","scores":[{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81757","published_at":"2026-05-16T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.8165","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81672","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81696","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81695","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81712","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81753","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81756","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81492","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81503","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81525","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81523","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81551","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81556","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81576","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81564","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81557","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81594","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81596","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.816","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81621","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.8163","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01577","scoring_system":"epss","scoring_elements":"0.81634","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1798"},{"reference_url":"https://bugzilla.clamav.net/show_bug.cgi?id=12262","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:52Z/"}],"url":"https://bugzilla.clamav.net/show_bug.cgi?id=12262"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1798"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1798","reference_id":"CVE-2019-1798","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-1798"},{"reference_url":"https://security.gentoo.org/glsa/201904-12","reference_id":"GLSA-201904-12","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T17:24:52Z/"}],"url":"https://security.gentoo.org/glsa/201904-12"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2019-1798"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qacw-bby8-9kdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47381?format=json","vulnerability_id":"VCID-u3pj-kant-effb","summary":"Multiple vulnerabilities have been found in ClamAV, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3123","reference_id":"","reference_type":"","scores":[{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85219","published_at":"2026-05-16T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85094","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85103","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85101","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85116","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85141","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85162","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85158","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85172","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85206","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85216","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.84973","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.84987","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85004","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85009","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85031","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85038","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85054","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85053","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85049","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.8507","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02399","scoring_system":"epss","scoring_elements":"0.85072","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-3123"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3123","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-3123"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950944","reference_id":"950944","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950944"},{"reference_url":"https://security.archlinux.org/AVG-1168","reference_id":"AVG-1168","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1168"},{"reference_url":"https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html","reference_id":"clamav-01022-security-patch-released.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:29Z/"}],"url":"https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html"},{"reference_url":"https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062","reference_id":"CSCvs59062","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:29Z/"}],"url":"https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs59062"},{"reference_url":"https://security.gentoo.org/glsa/202003-46","reference_id":"GLSA-202003-46","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:29Z/"}],"url":"https://security.gentoo.org/glsa/202003-46"},{"reference_url":"https://usn.ubuntu.com/4280-1/","reference_id":"USN-4280-1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:29Z/"}],"url":"https://usn.ubuntu.com/4280-1/"},{"reference_url":"https://usn.ubuntu.com/4280-2/","reference_id":"USN-4280-2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-15T16:22:29Z/"}],"url":"https://usn.ubuntu.com/4280-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049765?format=json","purl":"pkg:deb/debian/clamav@0.102.3%2Bdfsg-0~deb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2aju-u36p-gug9"},{"vulnerability":"VCID-4z4r-2w8m-r7dz"},{"vulnerability":"VCID-63vt-1nc8-6kfc"},{"vulnerability":"VCID-cc9p-w184-zfej"},{"vulnerability":"VCID-cysq-fdzg-13dd"},{"vulnerability":"VCID-d3u3-epeb-guh9"},{"vulnerability":"VCID-dn26-zfsc-ryec"},{"vulnerability":"VCID-egd5-p68y-wfdy"},{"vulnerability":"VCID-fp31-7krz-abbs"},{"vulnerability":"VCID-ggz7-h35v-p7ep"},{"vulnerability":"VCID-kurn-1uay-qqap"},{"vulnerability":"VCID-mdfk-5ked-t3bu"},{"vulnerability":"VCID-mu6w-nub4-z3ef"},{"vulnerability":"VCID-new8-u5x9-nkeb"},{"vulnerability":"VCID-tzph-y73s-6qb9"},{"vulnerability":"VCID-vbmy-urt6-myha"},{"vulnerability":"VCID-vdhk-r67a-s3fr"},{"vulnerability":"VCID-wjvc-p75d-p3a9"},{"vulnerability":"VCID-xfzw-afgg-fqdc"},{"vulnerability":"VCID-xwgq-w8k4-xbcn"},{"vulnerability":"VCID-zeub-1qhs-pyfh"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}],"aliases":["CVE-2020-3123"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u3pj-kant-effb"}],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/clamav@0.102.3%252Bdfsg-0~deb9u1"}