{"api_version":"1","generated_at":"2026-04-23T04:11:35+00:00","cve":"CVE-2021-1405","urls":{"html":"https://cve.report/CVE-2021-1405","api":"https://cve.report/api/cve/CVE-2021-1405.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-1405","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-1405"},"summary":{"title":"CVE-2021-1405","description":"A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.","state":"PUBLIC","assigner":"psirt@cisco.com","published_at":"2021-04-08 05:15:00","updated_at":"2022-08-05 17:18:00"},"problem_types":["CWE-909"],"metrics":[],"references":[{"url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html","name":"[debian-lts-announce] 20210414 [SECURITY] [DLA 2626-1] clamav security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 2626-1] clamav security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.gentoo.org/glsa/202104-07","name":"GLSA-202104-07","refsource":"GENTOO","tags":[],"title":"ClamAV: Denial of Service (GLSA 202104-07) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html","name":"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html","refsource":"CISCO","tags":[],"title":"ClamAV® blog: ClamAV 0.103.2 security patch release","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-1405","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-1405","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"1405","vulnerable":"1","versionEndIncluding":"0.103.1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"clamav","cpe5":"clamav","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"1405","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"9.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-1405","qid":"174899","title":"SUSE Enterprise Linux Security Update for clamav (SUSE-SU-2021:1174-1)"},{"cve":"CVE-2021-1405","qid":"174903","title":"SUSE Enterprise Linux Security Update for clamav (SUSE-SU-2021:1190-1)"},{"cve":"CVE-2021-1405","qid":"174911","title":"SUSE Enterprise Linux Security Update for clamav (SUSE-SU-2021:1189-1)"},{"cve":"CVE-2021-1405","qid":"178543","title":"Debian Security Update for clamav (DLA 2626-1)"},{"cve":"CVE-2021-1405","qid":"180398","title":"Debian Security Update for clamav (CVE-2021-1405)"},{"cve":"CVE-2021-1405","qid":"198334","title":"Ubuntu Security Notification for ClamAV vulnerabilities (USN-4918-1)"},{"cve":"CVE-2021-1405","qid":"375524","title":"ClamAV Multiple Vulnerability"},{"cve":"CVE-2021-1405","qid":"500100","title":"Alpine Linux Security Update for clamav"},{"cve":"CVE-2021-1405","qid":"503825","title":"Alpine Linux Security Update for clamav"},{"cve":"CVE-2021-1405","qid":"690182","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for clamav (9ae2c00f-97d0-11eb-8cd6-080027f515ea)"},{"cve":"CVE-2021-1405","qid":"710017","title":"Gentoo Linux ClamAV Denial of Service Vulnerability (GLSA 202104-07)"},{"cve":"CVE-2021-1405","qid":"750265","title":"OpenSUSE Security Update for clamav (openSUSE-SU-2021:0555-1)"},{"cve":"CVE-2021-1405","qid":"900102","title":"CBL-Mariner Linux Security Update for clamav 0.103.0"},{"cve":"CVE-2021-1405","qid":"902797","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for clamav (4078)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"psirt@cisco.com","DATE_PUBLIC":"2021-04-08T12:08:00.000Z","ID":"CVE-2021-1405","STATE":"PUBLIC","TITLE":"Clam AntiVirus (ClamAV) PDF Parser Denial of Service Vulnerability"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"ClamAV","version":{"version_data":[{"version_affected":"<=","version_value":"0.103.1"}]}}]},"vendor_name":"Cisco"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-120 Buffer Overflow"}]}]},"references":{"reference_data":[{"name":"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html","refsource":"CISCO","url":"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html"},{"refsource":"MLIST","name":"[debian-lts-announce] 20210414 [SECURITY] [DLA 2626-1] clamav security update","url":"https://lists.debian.org/debian-lts-announce/2021/04/msg00012.html"},{"refsource":"GENTOO","name":"GLSA-202104-07","url":"https://security.gentoo.org/glsa/202104-07"}]},"source":{"advisory":"https://blog.clamav.net/2021/04/clamav-01032-security-patch-release.html","discovery":"UNKNOWN"}},"nvd":{"publishedDate":"2021-04-08 05:15:00","lastModifiedDate":"2022-08-05 17:18:00","problem_types":["CWE-909"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL","baseScore":5},"severity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionEndIncluding":"0.103.1","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"1405","Ordinal":"191478","Title":"CVE-2021-1405","CVE":"CVE-2021-1405","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"1405","Ordinal":"1","NoteData":"A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"1405","Ordinal":"2","NoteData":"2021-04-08","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"1405","Ordinal":"3","NoteData":"2021-04-30","Type":"Other","Title":"Modified"}]}}}