2 matches found
CVE-2026-55206
CVE-2026-55206 (py7zr) affects the Python-based 7z library py7zr. The root cause is an O(n^2) cumulative-sum implementation in PackInfo._read() (archiveinfo.py) that parses attacker-controlled numstreams from archive headers. This causes excessive CPU usage during SevenZipFile.init() before extra...
Inefficient Algorithmic Complexity
Overview py7zr is a Pure python 7-zip library Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity through the PackInfo.read function. An attacker can cause excessive CPU consumption by providing a crafted archive with a large number of streams, leading to...