{"vulnerability": "CVE-2022-20770", "sightings": [{"uuid": "75fb8aad-e8cf-443a-a9ed-d5e2a82bca80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20770", "type": "published-proof-of-concept", "source": "https://t.me/ARC15INFO/433", "content": "An individual under the alias \"mmmds\" used the vx-underground malware collection to fuzz ClamAV. \n\nThis resulted in them submitting an array of vulnerabilities and the discovery of CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, and CVE-2022-20792.\n\nPaper: https://mmmds.pl/clamav/", "creation_timestamp": "2024-08-29T06:23:17.000000Z"}, {"uuid": "a7eed2ce-b666-4ba5-81bd-45f8ddf9f0b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20770", "type": "seen", "source": "https://t.me/cibsecurity/41948", "content": "\u203c CVE-2022-20770 \u203c\n\nOn April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-04T20:35:42.000000Z"}, {"uuid": "6bd8d556-6c78-4993-bbe7-21f32a6b130a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20770", "type": "seen", "source": "https://t.me/vxunderground/748", "content": "An individual under the alias \"mmmds\" used the vx-underground malware collection to fuzz ClamAV. \n\nThis resulted in them submitting an array of vulnerabilities and the discovery of CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, and CVE-2022-20792.\n\nPaper: https://mmmds.pl/clamav/", "creation_timestamp": "2022-05-06T13:27:21.000000Z"}]}