EUVD-2025-7018

Malicious code in bioql PyPI...

CVE-2022-44900

A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...

CVE-2024-12389 Path Traversal in binary-husky/gpt_academic

A path traversal vulnerability exists in binary-husky/gptacademic version git 310122f. The application supports the extraction of user-provided 7z files without proper validation. The Python py7zr package used for extraction does not guarantee that files will remain within the intended extraction...

USN-7030-1: py7zr vulnerability

It was discovered that py7zr was vulnerable to path traversal attacks. If a user or automated system were tricked into extracting a specially crafted 7z archive, an attacker could possibly use this issue to write arbitrary files outside the target directory on the host...

Ubuntu 22.04 LTS : py7zr vulnerability (USN-7030-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7030-1 advisory. It was discovered that py7zr was vulnerable to path traversal attacks. If a user or automated system were tricked into extracting a specially crafted 7z archive, ...

Debian: Security Advisory (DSA-5652-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 5652-1] py7zr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5652-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 02, 2024 https://www.debian.org/security/faq -...

Directory Traversal

py7zr is vulnerable to directory traversal. The vulnerability exists in the SevenZipFile.extractall function of py7zr.py due to a lack of sanity checks in paths which allows an attacker to traverse through the file system...

py7zr 0.20.0 Directory Traversal

CVE-2022-44900: path traversal vulnerability in py7zr Directory traversal vulnerability in SevenZipFile.extractall function of the python library py7zr version 0.20.0 and earlier allow attackers to read arbitrary files on the local machine via malicious 7z file extraction. CVE-2022-44900...

py7zr 0.20.0 Directory Traversal Vulnerability

CVE-2022-44900: path traversal vulnerability in py7zr Directory traversal vulnerability in SevenZipFile.extractall function of the python library py7zr version 0.20.0 and earlier allow attackers to read arbitrary files on the local machine via malicious 7z file extraction. CVE-2022-44900...

CVE-2022-44900

A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...

DEBIAN-CVE-2022-44900

A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...

PYSEC-2022-42998

A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...

aqtinstall (=0.9.8), brevettiai (>=0.5.4 <=0.8.5) +19 more potentially affected by CVE-2022-44900 via py7zr (>=0.10.2 <=0.18.5)

py7zr PYPI version =0.10.2, =0.5.4, =0.1.0, =1.1.1.dev1, =1.2.0, =1.1.6, =0.1.0, =1.0.0, =1.1.1, =0.2.6, =2.0.0, =0.2.8, =4.6.0.dev1 and more Source cves: CVE-2022-44900 Source advisory: OSV:PYSEC-2022-42998...

UBUNTU-CVE-2022-44900

A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...

py7zr 路径遍历漏洞

py7zr is a library and utility program by the individual developer Hiroshi Miura. It supports compression, decompression, encryption and decryption of 7zip archives written in the Python programming language. A security vulnerability exists in py7zr version v0.20.0 and earlier versions. An attack...

CVE-2022-44900

A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...

PT-2022-27330 · Py7Zr +2 · Py7Zr +2

Name of the Vulnerable Software and Affected Versions: py7zr versions 0.20.0 and earlier Description: A directory traversal issue in the SevenZipFile.extractall function allows attackers to write arbitrary files by extracting a crafted 7z file. Recommendations: For py7zr versions 0.20.0 and...

CVE-2022-44900

CVE-2022-44900 : A directory traversal vulnerability in the Python py7zr library (v0.20.0 and earlier) affects SevenZipFile.extractall(), allowing an attacker to write arbitrary files when extracting crafted 7z archives. The issue is documented across multiple advisories (Ubuntu, Debian, OpenVAS,...

CVE-2022-44900

A directory traversal vulnerability in the SevenZipFile.extractall function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file...