vulnerability

Alpine Linux: CVE-2021-1405: Classic Buffer Overflow

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Apr 8, 2021	Aug 22, 2024	Dec 5, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Apr 8, 2021

Added

Aug 22, 2024

Modified

Dec 5, 2025

Description

A vulnerability in the email parsing module in Clam AntiVirus (ClamAV) Software version 0.103.1 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper variable initialization that may result in an NULL pointer read. An attacker could exploit this vulnerability by sending a crafted email to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition.

Solution

alpine-linux-upgrade-clamav

References

CVE-2021-1405
https://attackerkb.com/topics/CVE-2021-1405
URL-https://security.alpinelinux.org/vuln/CVE-2021-1405
CWE-120
CWE-909

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today