OPENSUSE-SU-2026:21252-1
Vulnerability from csaf_opensuse - Published: 2026-07-07 16:59 - Updated: 2026-07-07 16:59Summary
Security update for clamav
Severity
Important
Notes
Title of the patch: Security update for clamav
Description of the patch: This update for clamav fixes the following issues:
Update to version 1.5.3.
Security issues fixed:
- CVE-2026-20213: out-of-bounds write due to improper boundary checks for content in PE files during scanning
(bsc#1270107).
- CVE-2026-20214: out-of-bounds write due to improper boundary checks for content in FSG files during scanning
(bsc#1270085).
- CVE-2026-20215: out-of-bounds write due to improper boundary checks for content in 7z files during scanning
(bsc#1270088).
- CVE-2026-20216: denial of service due to improper handling of temporary resources during InstallShield file scanning
(bsc#1270089).
- CVE-2026-20217: out-of-bounds write due to improper boundary checks for content in PESpin files during scanning
(bsc#1270091).
- CVE-2026-20243: out-of-bounds write due to improper boundary checks for content in ALZ files during scanning
(bsc#1270092).
- CVE-2026-20244: integer overflow and DoS due to improper boundary checks for content in DMG files during scanning
(bsc#1270106).
- CVE-2026-41676: buffer overflow due to missing checks via `Deriver:derive`, `PkeyCtxRef:derive` and OpenSSL 1.1.1
(bsc#1270138).
Other updates and bugfixes:
- Version 1.5.3:
* Fixed a bug in the PESpin unpacker cleanup path that could free pointers into the scanned file buffer and crash the
scanner.
* Fixed an integer overflow in PE rebuild size calculations that could be reached through a malformed Aspack-packed PE
file and lead to a heap buffer overflow write.
* Fixed an InstallShield archive extraction limit bypass that could write far more temporary data than intended and
exhaust temporary storage.
* Fixed an FSG unpacker loop underflow that could write past the section array while scanning a malformed PE file.
* Fixed ALZ parser size handling bugs that could cause malformed ALZ archives to panic, abort the scanner, or skip
expected scan-limit handling.
* Fixed a 7z parser substream count overflow that could under-allocate parser metadata arrays and write past them
while reading a malformed archive.
* Fixed 32-bit DMG parser size checks that could let a short mish stripe table pass validation and crash 32-bit
scanner builds.
* Hardened clamscan, clamdscan, and clamonacc quarantine actions against time-of-check/time-of-use races that could
redirect copied, moved, or removed files under unsafe quarantine directory configurations.
* Upgraded the Rust tar dependency to resolve the RUSTSEC-2026-0067 and RUSTSEC-2026-0068 advisories, and upgraded the
Rust openssl dependency to resolve CVE-2026-41676.
* Raised the minimum required CMake version to 3.17 to fix Linux builds with libcurl v8.21.0 when linking static
library dependencies.
* Metadata preclass scans now run before the final scan verdict.
* ClamOnAcc: Fixed errors when recursively excluded paths are children of an included path.
* ClamOnAcc: Fixed hash bucket list corruption when two watched paths collide in the same bucket.
Patchnames: openSUSE-Leap-16.0-1173
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
34 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for clamav",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for clamav fixes the following issues:\n\nUpdate to version 1.5.3.\n\nSecurity issues fixed:\n\n- CVE-2026-20213: out-of-bounds write due to improper boundary checks for content in PE files during scanning\n (bsc#1270107).\n- CVE-2026-20214: out-of-bounds write due to improper boundary checks for content in FSG files during scanning\n (bsc#1270085).\n- CVE-2026-20215: out-of-bounds write due to improper boundary checks for content in 7z files during scanning\n (bsc#1270088).\n- CVE-2026-20216: denial of service due to improper handling of temporary resources during InstallShield file scanning\n (bsc#1270089).\n- CVE-2026-20217: out-of-bounds write due to improper boundary checks for content in PESpin files during scanning\n (bsc#1270091).\n- CVE-2026-20243: out-of-bounds write due to improper boundary checks for content in ALZ files during scanning\n (bsc#1270092).\n- CVE-2026-20244: integer overflow and DoS due to improper boundary checks for content in DMG files during scanning\n (bsc#1270106).\n- CVE-2026-41676: buffer overflow due to missing checks via `Deriver:derive`, `PkeyCtxRef:derive` and OpenSSL 1.1.1\n (bsc#1270138).\n\nOther updates and bugfixes:\n\n- Version 1.5.3:\n * Fixed a bug in the PESpin unpacker cleanup path that could free pointers into the scanned file buffer and crash the\n scanner.\n * Fixed an integer overflow in PE rebuild size calculations that could be reached through a malformed Aspack-packed PE\n file and lead to a heap buffer overflow write.\n * Fixed an InstallShield archive extraction limit bypass that could write far more temporary data than intended and\n exhaust temporary storage.\n * Fixed an FSG unpacker loop underflow that could write past the section array while scanning a malformed PE file.\n * Fixed ALZ parser size handling bugs that could cause malformed ALZ archives to panic, abort the scanner, or skip\n expected scan-limit handling.\n * Fixed a 7z parser substream count overflow that could under-allocate parser metadata arrays and write past them\n while reading a malformed archive.\n * Fixed 32-bit DMG parser size checks that could let a short mish stripe table pass validation and crash 32-bit\n scanner builds.\n * Hardened clamscan, clamdscan, and clamonacc quarantine actions against time-of-check/time-of-use races that could\n redirect copied, moved, or removed files under unsafe quarantine directory configurations.\n * Upgraded the Rust tar dependency to resolve the RUSTSEC-2026-0067 and RUSTSEC-2026-0068 advisories, and upgraded the\n Rust openssl dependency to resolve CVE-2026-41676.\n * Raised the minimum required CMake version to 3.17 to fix Linux builds with libcurl v8.21.0 when linking static\n library dependencies.\n * Metadata preclass scans now run before the final scan verdict.\n * ClamOnAcc: Fixed errors when recursively excluded paths are children of an included path.\n * ClamOnAcc: Fixed hash bucket list corruption when two watched paths collide in the same bucket.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-1173",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_21252-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1270085",
"url": "https://bugzilla.suse.com/1270085"
},
{
"category": "self",
"summary": "SUSE Bug 1270088",
"url": "https://bugzilla.suse.com/1270088"
},
{
"category": "self",
"summary": "SUSE Bug 1270089",
"url": "https://bugzilla.suse.com/1270089"
},
{
"category": "self",
"summary": "SUSE Bug 1270091",
"url": "https://bugzilla.suse.com/1270091"
},
{
"category": "self",
"summary": "SUSE Bug 1270092",
"url": "https://bugzilla.suse.com/1270092"
},
{
"category": "self",
"summary": "SUSE Bug 1270106",
"url": "https://bugzilla.suse.com/1270106"
},
{
"category": "self",
"summary": "SUSE Bug 1270107",
"url": "https://bugzilla.suse.com/1270107"
},
{
"category": "self",
"summary": "SUSE Bug 1270138",
"url": "https://bugzilla.suse.com/1270138"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-20213 page",
"url": "https://www.suse.com/security/cve/CVE-2026-20213/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-20214 page",
"url": "https://www.suse.com/security/cve/CVE-2026-20214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-20215 page",
"url": "https://www.suse.com/security/cve/CVE-2026-20215/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-20216 page",
"url": "https://www.suse.com/security/cve/CVE-2026-20216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-20217 page",
"url": "https://www.suse.com/security/cve/CVE-2026-20217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-20243 page",
"url": "https://www.suse.com/security/cve/CVE-2026-20243/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-20244 page",
"url": "https://www.suse.com/security/cve/CVE-2026-20244/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-41676 page",
"url": "https://www.suse.com/security/cve/CVE-2026-41676/"
}
],
"title": "Security update for clamav",
"tracking": {
"current_release_date": "2026-07-07T16:59:27Z",
"generator": {
"date": "2026-07-07T16:59:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:21252-1",
"initial_release_date": "2026-07-07T16:59:27Z",
"revision_history": [
{
"date": "2026-07-07T16:59:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "clamav-1.5.3-160000.1.1.aarch64",
"product": {
"name": "clamav-1.5.3-160000.1.1.aarch64",
"product_id": "clamav-1.5.3-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "clamav-devel-1.5.3-160000.1.1.aarch64",
"product": {
"name": "clamav-devel-1.5.3-160000.1.1.aarch64",
"product_id": "clamav-devel-1.5.3-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "clamav-milter-1.5.3-160000.1.1.aarch64",
"product": {
"name": "clamav-milter-1.5.3-160000.1.1.aarch64",
"product_id": "clamav-milter-1.5.3-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libclamav12-1.5.3-160000.1.1.aarch64",
"product": {
"name": "libclamav12-1.5.3-160000.1.1.aarch64",
"product_id": "libclamav12-1.5.3-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libclammspack0-1.5.3-160000.1.1.aarch64",
"product": {
"name": "libclammspack0-1.5.3-160000.1.1.aarch64",
"product_id": "libclammspack0-1.5.3-160000.1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libfreshclam4-1.5.3-160000.1.1.aarch64",
"product": {
"name": "libfreshclam4-1.5.3-160000.1.1.aarch64",
"product_id": "libfreshclam4-1.5.3-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "clamav-docs-html-1.5.3-160000.1.1.noarch",
"product": {
"name": "clamav-docs-html-1.5.3-160000.1.1.noarch",
"product_id": "clamav-docs-html-1.5.3-160000.1.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "clamav-1.5.3-160000.1.1.ppc64le",
"product": {
"name": "clamav-1.5.3-160000.1.1.ppc64le",
"product_id": "clamav-1.5.3-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "clamav-devel-1.5.3-160000.1.1.ppc64le",
"product": {
"name": "clamav-devel-1.5.3-160000.1.1.ppc64le",
"product_id": "clamav-devel-1.5.3-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "clamav-milter-1.5.3-160000.1.1.ppc64le",
"product": {
"name": "clamav-milter-1.5.3-160000.1.1.ppc64le",
"product_id": "clamav-milter-1.5.3-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libclamav12-1.5.3-160000.1.1.ppc64le",
"product": {
"name": "libclamav12-1.5.3-160000.1.1.ppc64le",
"product_id": "libclamav12-1.5.3-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libclammspack0-1.5.3-160000.1.1.ppc64le",
"product": {
"name": "libclammspack0-1.5.3-160000.1.1.ppc64le",
"product_id": "libclammspack0-1.5.3-160000.1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libfreshclam4-1.5.3-160000.1.1.ppc64le",
"product": {
"name": "libfreshclam4-1.5.3-160000.1.1.ppc64le",
"product_id": "libfreshclam4-1.5.3-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "clamav-1.5.3-160000.1.1.s390x",
"product": {
"name": "clamav-1.5.3-160000.1.1.s390x",
"product_id": "clamav-1.5.3-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "clamav-devel-1.5.3-160000.1.1.s390x",
"product": {
"name": "clamav-devel-1.5.3-160000.1.1.s390x",
"product_id": "clamav-devel-1.5.3-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "clamav-milter-1.5.3-160000.1.1.s390x",
"product": {
"name": "clamav-milter-1.5.3-160000.1.1.s390x",
"product_id": "clamav-milter-1.5.3-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "libclamav12-1.5.3-160000.1.1.s390x",
"product": {
"name": "libclamav12-1.5.3-160000.1.1.s390x",
"product_id": "libclamav12-1.5.3-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "libclammspack0-1.5.3-160000.1.1.s390x",
"product": {
"name": "libclammspack0-1.5.3-160000.1.1.s390x",
"product_id": "libclammspack0-1.5.3-160000.1.1.s390x"
}
},
{
"category": "product_version",
"name": "libfreshclam4-1.5.3-160000.1.1.s390x",
"product": {
"name": "libfreshclam4-1.5.3-160000.1.1.s390x",
"product_id": "libfreshclam4-1.5.3-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "clamav-1.5.3-160000.1.1.x86_64",
"product": {
"name": "clamav-1.5.3-160000.1.1.x86_64",
"product_id": "clamav-1.5.3-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "clamav-devel-1.5.3-160000.1.1.x86_64",
"product": {
"name": "clamav-devel-1.5.3-160000.1.1.x86_64",
"product_id": "clamav-devel-1.5.3-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "clamav-milter-1.5.3-160000.1.1.x86_64",
"product": {
"name": "clamav-milter-1.5.3-160000.1.1.x86_64",
"product_id": "clamav-milter-1.5.3-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libclamav12-1.5.3-160000.1.1.x86_64",
"product": {
"name": "libclamav12-1.5.3-160000.1.1.x86_64",
"product_id": "libclamav12-1.5.3-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libclammspack0-1.5.3-160000.1.1.x86_64",
"product": {
"name": "libclammspack0-1.5.3-160000.1.1.x86_64",
"product_id": "libclammspack0-1.5.3-160000.1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libfreshclam4-1.5.3-160000.1.1.x86_64",
"product": {
"name": "libfreshclam4-1.5.3-160000.1.1.x86_64",
"product_id": "libfreshclam4-1.5.3-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-1.5.3-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64"
},
"product_reference": "clamav-1.5.3-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-1.5.3-160000.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le"
},
"product_reference": "clamav-1.5.3-160000.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-1.5.3-160000.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x"
},
"product_reference": "clamav-1.5.3-160000.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-1.5.3-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64"
},
"product_reference": "clamav-1.5.3-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-devel-1.5.3-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64"
},
"product_reference": "clamav-devel-1.5.3-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-devel-1.5.3-160000.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le"
},
"product_reference": "clamav-devel-1.5.3-160000.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-devel-1.5.3-160000.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x"
},
"product_reference": "clamav-devel-1.5.3-160000.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-devel-1.5.3-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64"
},
"product_reference": "clamav-devel-1.5.3-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-docs-html-1.5.3-160000.1.1.noarch as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch"
},
"product_reference": "clamav-docs-html-1.5.3-160000.1.1.noarch",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-milter-1.5.3-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64"
},
"product_reference": "clamav-milter-1.5.3-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-milter-1.5.3-160000.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le"
},
"product_reference": "clamav-milter-1.5.3-160000.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-milter-1.5.3-160000.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x"
},
"product_reference": "clamav-milter-1.5.3-160000.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "clamav-milter-1.5.3-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64"
},
"product_reference": "clamav-milter-1.5.3-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libclamav12-1.5.3-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64"
},
"product_reference": "libclamav12-1.5.3-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libclamav12-1.5.3-160000.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le"
},
"product_reference": "libclamav12-1.5.3-160000.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libclamav12-1.5.3-160000.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x"
},
"product_reference": "libclamav12-1.5.3-160000.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libclamav12-1.5.3-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64"
},
"product_reference": "libclamav12-1.5.3-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libclammspack0-1.5.3-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64"
},
"product_reference": "libclammspack0-1.5.3-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libclammspack0-1.5.3-160000.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le"
},
"product_reference": "libclammspack0-1.5.3-160000.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libclammspack0-1.5.3-160000.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x"
},
"product_reference": "libclammspack0-1.5.3-160000.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libclammspack0-1.5.3-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64"
},
"product_reference": "libclammspack0-1.5.3-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreshclam4-1.5.3-160000.1.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64"
},
"product_reference": "libfreshclam4-1.5.3-160000.1.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreshclam4-1.5.3-160000.1.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le"
},
"product_reference": "libfreshclam4-1.5.3-160000.1.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreshclam4-1.5.3-160000.1.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x"
},
"product_reference": "libfreshclam4-1.5.3-160000.1.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libfreshclam4-1.5.3-160000.1.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
},
"product_reference": "libfreshclam4-1.5.3-160000.1.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-20213",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-20213"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in PE files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PE content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-20213",
"url": "https://www.suse.com/security/cve/CVE-2026-20213"
},
{
"category": "external",
"summary": "SUSE Bug 1270107 for CVE-2026-20213",
"url": "https://bugzilla.suse.com/1270107"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T16:59:27Z",
"details": "important"
}
],
"title": "CVE-2026-20213"
},
{
"cve": "CVE-2026-20214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-20214"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in FSG files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains portable executable content compressed with FSG to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-20214",
"url": "https://www.suse.com/security/cve/CVE-2026-20214"
},
{
"category": "external",
"summary": "SUSE Bug 1270085 for CVE-2026-20214",
"url": "https://bugzilla.suse.com/1270085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T16:59:27Z",
"details": "important"
}
],
"title": "CVE-2026-20214"
},
{
"cve": "CVE-2026-20215",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-20215"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in 7z files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains 7z\u0026nbsp;content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-20215",
"url": "https://www.suse.com/security/cve/CVE-2026-20215"
},
{
"category": "external",
"summary": "SUSE Bug 1270088 for CVE-2026-20215",
"url": "https://bugzilla.suse.com/1270088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T16:59:27Z",
"details": "important"
}
],
"title": "CVE-2026-20215"
},
{
"cve": "CVE-2026-20216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-20216"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerability by submitting a crafted InstallShield file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process and temporarily consume available system resources, resulting in a DoS condition on the affected software.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-20216",
"url": "https://www.suse.com/security/cve/CVE-2026-20216"
},
{
"category": "external",
"summary": "SUSE Bug 1270089 for CVE-2026-20216",
"url": "https://bugzilla.suse.com/1270089"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T16:59:27Z",
"details": "important"
}
],
"title": "CVE-2026-20216"
},
{
"cve": "CVE-2026-20217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-20217"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in PESpin files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PESpin content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-20217",
"url": "https://www.suse.com/security/cve/CVE-2026-20217"
},
{
"category": "external",
"summary": "SUSE Bug 1270091 for CVE-2026-20217",
"url": "https://bugzilla.suse.com/1270091"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T16:59:27Z",
"details": "important"
}
],
"title": "CVE-2026-20217"
},
{
"cve": "CVE-2026-20243",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-20243"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in ALZ files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains ALZ content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-20243",
"url": "https://www.suse.com/security/cve/CVE-2026-20243"
},
{
"category": "external",
"summary": "SUSE Bug 1270092 for CVE-2026-20243",
"url": "https://bugzilla.suse.com/1270092"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T16:59:27Z",
"details": "important"
}
],
"title": "CVE-2026-20243"
},
{
"cve": "CVE-2026-20244",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-20244"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in DMG files during scanning, which may result in an integer overflow on 32-bit platforms only. An attacker could exploit this vulnerability by submitting a crafted file that contains DMG content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-20244",
"url": "https://www.suse.com/security/cve/CVE-2026-20244"
},
{
"category": "external",
"summary": "SUSE Bug 1270106 for CVE-2026-20244",
"url": "https://bugzilla.suse.com/1270106"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T16:59:27Z",
"details": "important"
}
],
"title": "CVE-2026-20244"
},
{
"cve": "CVE-2026-41676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-41676"
}
],
"notes": [
{
"category": "general",
"text": "rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive (and PkeyCtxRef::derive) sets len = buf.len() and passes it as the in/out length to EVP_PKEY_derive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extract ignore the incoming *keylen, unconditionally writing the full shared secret (32/56/prime-size bytes). A caller passing a short slice gets a heap/stack overflow from safe code. OpenSSL 3.x providers do check, so this only impacts older OpenSSL. This vulnerability is fixed in 0.10.78.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-41676",
"url": "https://www.suse.com/security/cve/CVE-2026-41676"
},
{
"category": "external",
"summary": "SUSE Bug 1270137 for CVE-2026-41676",
"url": "https://bugzilla.suse.com/1270137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-devel-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:clamav-docs-html-1.5.3-160000.1.1.noarch",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:clamav-milter-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclamav12-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libclammspack0-1.5.3-160000.1.1.x86_64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.aarch64",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.ppc64le",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.s390x",
"openSUSE Leap 16.0:libfreshclam4-1.5.3-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-07-07T16:59:27Z",
"details": "moderate"
}
],
"title": "CVE-2026-41676"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…