{"vulnerability": "CVE-2022-20785", "sightings": [{"uuid": "8b222eba-9014-4fe1-a812-f38cf5727821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20785", "type": "published-proof-of-concept", "source": "https://t.me/ARC15INFO/433", "content": "An individual under the alias \"mmmds\" used the vx-underground malware collection to fuzz ClamAV. \n\nThis resulted in them submitting an array of vulnerabilities and the discovery of CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, and CVE-2022-20792.\n\nPaper: https://mmmds.pl/clamav/", "creation_timestamp": "2024-08-29T06:23:17.000000Z"}, {"uuid": "12fbabcd-e685-4fcb-8d8b-c1adcd17bf9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20785", "type": "seen", "source": "https://t.me/vxunderground/748", "content": "An individual under the alias \"mmmds\" used the vx-underground malware collection to fuzz ClamAV. \n\nThis resulted in them submitting an array of vulnerabilities and the discovery of CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, and CVE-2022-20792.\n\nPaper: https://mmmds.pl/clamav/", "creation_timestamp": "2022-05-06T13:27:21.000000Z"}, {"uuid": "23810291-1517-4380-b010-c0bf5d0e77a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20785", "type": "seen", "source": "https://t.me/cibsecurity/41939", "content": "\u203c CVE-2022-20785 \u203c\n\nOn April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. For a description of this vulnerability, see the ClamAV blog. This advisory will be updated as additional information becomes available.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-04T20:35:28.000000Z"}]}