{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T10:03:29.865","vulnerabilities":[{"cve":{"id":"CVE-2022-20792","sourceIdentifier":"psirt@cisco.com","published":"2022-08-10T09:15:08.197","lastModified":"2024-11-21T06:43:33.957","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an authenticated, local attacker to crash ClamAV at database load time, and possibly gain code execution. The vulnerability is due to improper bounds checking that may result in a multi-byte heap buffer overwflow write. An attacker could exploit this vulnerability by placing a crafted CDB ClamAV signature database file in the ClamAV database directory. An exploit could allow the attacker to run code as the clamav user."},{"lang":"es","value":"Una vulnerabilidad en el módulo regex usado por el módulo de carga de la base de datos de firmas de Clam AntiVirus (ClamAV) versiones 0.104.0 hasta 0.104.2 y LTS versiones 0.103.5 y anteriores, podría permitir a un atacante local autenticado bloquear ClamAV en el momento de la carga de la base de datos, y posiblemente obtener una ejecución de código. La vulnerabilidad es debido a una comprobación inapropiada de límites que puede resultar en una escritura de desbordamiento del búfer de la pila de varios bytes. Un atacante podría explotar esta vulnerabilidad al colocar un archivo de base de datos de firmas CDB ClamAV diseñado en el directorio de la base de datos de ClamAV. Una explotación podría permitir al atacante ejecutar código como el usuario clamav"}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionEndIncluding":"0.103.5","matchCriteriaId":"30AC5889-743E-433E-97A7-2657A1F5C273"},{"vulnerable":true,"criteria":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionStartIncluding":"0.104.0","versionEndIncluding":"0.104.2","matchCriteriaId":"FEA3B921-70F0-455E-84F0-EA08498AEB4D"}]}]}],"references":[{"url":"https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html","source":"psirt@cisco.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://security.gentoo.org/glsa/202310-01","source":"psirt@cisco.com"},{"url":"https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]},{"url":"https://security.gentoo.org/glsa/202310-01","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}