skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

ClamAV Releases Security Patches 1.4.2 and 1.0.8

/ 1 min read

🦪 ClamAV releases security patches 1.4.2 and 1.0.8 to address vulnerabilities. The latest updates for ClamAV include critical security patches aimed at fixing a buffer overflow read bug in the OLE2 file parser, which could lead to a denial-of-service (DoS) condition. This vulnerability, identified as CVE-2025-20128, affects all currently supported versions and was first introduced in version 1.0.0. Additionally, the 1.0.8 patch addresses an infinite loop issue related to non-existent watched directories, backporting a fix from version 1.3.0. Users can download the release files from the ClamAV downloads page, GitHub Release page, and Docker Hub, although availability on Docker Hub may vary.

Source
{entry.data.source.title}
Original