Amazon Linux 2023 : 7zip, 7zip-reduced, 7zip-standalone (ALAS2023-2026-1820)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1820 advisory. A heap buffer overflow vulnerability GHSL-2026-140 exists in 7-Zip version 26.00, caused by an under- allocation in the NTFS compressed stream buffer GetCuSize shift UB, potentially allowing attackers ...