Lucene search
+L

7 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/02 12:0 a.m.20 views

Debian dsa-5652 : python-py7zr-doc - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5652 advisory. - A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via...

9.1CVSS8.4AI score0.02242EPSS
Exploits3References4
0day.today
0day.today
added 2022/12/07 12:0 a.m.255 views

py7zr 0.20.0 Directory Traversal Vulnerability

CVE-2022-44900: path traversal vulnerability in py7zr Directory traversal vulnerability in SevenZipFile.extractall function of the python library py7zr version 0.20.0 and earlier allow attackers to read arbitrary files on the local machine via malicious 7z file extraction. CVE-2022-44900...

9.1CVSS9.3AI score0.02242EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/12/07 12:0 a.m.535 views

py7zr 0.20.0 Directory Traversal

CVE-2022-44900: path traversal vulnerability in py7zr Directory traversal vulnerability in SevenZipFile.extractall function of the python library py7zr version 0.20.0 and earlier allow attackers to read arbitrary files on the local machine via malicious 7z file extraction. CVE-2022-44900...

0.3AI score0.02242EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2022/12/06 9:30 p.m.7 views

aqtinstall (=0.9.8), brevettiai (>=0.5.4 <=0.8.5) +19 more potentially affected by CVE-2022-44900 via py7zr (>=0.10.2 <=0.18.5)

py7zr PYPI version =0.10.2, =0.5.4, =0.1.0, =1.1.1.dev1, =1.2.0, =1.1.6, =0.1.0, =1.0.0, =1.1.1, =0.2.6, =2.0.0, =0.2.8, =4.6.0.dev1 and more Source cves: CVE-2022-44900 Source advisory: OSV:GHSA-M8XW-9X5X-6VH3...

9.1CVSS7.7AI score0.02242EPSS
Exploits3
vulnersOsv
vulnersOsv
added 2022/12/06 8:15 p.m.3 views

aqtinstall (=0.9.8), brevettiai (>=0.5.4 <=0.8.5) +19 more potentially affected by CVE-2022-44900 via py7zr (>=0.10.2 <=0.18.5)

py7zr PYPI version =0.10.2, =0.5.4, =0.1.0, =1.1.1.dev1, =1.2.0, =1.1.6, =0.1.0, =1.0.0, =1.1.1, =0.2.6, =2.0.0, =0.2.8, =4.6.0.dev1 and more Source cves: CVE-2022-44900 Source advisory: OSV:PYSEC-2022-42998...

9.1CVSS7.2AI score0.02242EPSS
Exploits3
UbuntuCve
UbuntuCve
added 2022/12/06 8:15 p.m.30 views

CVE-2022-44900

A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...

9.1CVSS7.3AI score0.02242EPSS
Exploits3References3
CVE
CVE
added 2022/12/06 12:0 a.m.95 views

CVE-2022-44900

CVE-2022-44900 : A directory traversal vulnerability in the Python py7zr library (v0.20.0 and earlier) affects SevenZipFile.extractall(), allowing an attacker to write arbitrary files when extracting crafted 7z archives. The issue is documented across multiple advisories (Ubuntu, Debian, OpenVAS,...

9.1CVSS8.8AI score0.02242EPSS
Exploits3References3Affected Software1
Rows per page
Query Builder