Amazon Linux 2023 : p7zip, p7zip-plugins (ALAS2023-2024-705)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-705 advisory. The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 for 7zz contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buff...