{"id":"CVE-2020-3341","details":"A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a stack buffer overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.","modified":"2026-03-13T00:41:47.492991Z","published":"2020-05-13T03:15:11.200Z","related":["MGASA-2020-0226","SUSE-SU-2020:3729-1","SUSE-SU-2020:3790-1","SUSE-SU-2020:3918-1","SUSE-SU-2021:14592-1","openSUSE-SU-2020:2268-1","openSUSE-SU-2020:2276-1","openSUSE-SU-2024:10685-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5YWYT27SBTV4RZSGFHIQUI4LQVFASWS/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROBJOGJOT44MVDX7RQEACYHQN4LYW5RK/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4370-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4370-2/"},{"type":"ADVISORY","url":"https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-3341.json","unresolved_ranges":[{"events":[{"introduced":"0.101"},{"last_affected":"0.102.2"}]},{"events":[{"introduced":"0"},{"last_affected":"12.04"}]},{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"19.10"}]},{"events":[{"introduced":"0"},{"last_affected":"20.04"}]},{"events":[{"introduced":"0"},{"last_affected":"30"}]},{"events":[{"introduced":"0"},{"last_affected":"31"}]},{"events":[{"introduced":"0"},{"last_affected":"32"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}