Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Lifecycle Timeline
2DescriptionGitHub Advisory
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the Electron Archive (ASAR) parser in NanaZip. When opening a crafted .asar file with deeply nested JSON in the header, both nlohmann::json::parse and the handler's GetAllPaths function recurse without depth limits, exhausting the thread stack and crashing the NanaZip process. This vulnerability is fixed in 6.0.1698.0.
Analysis
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the Electron Archive (ASAR) parser in NanaZip. When opening a crafted .asar file with deeply nested JSON in the header, both nlohmann::json::parse and the handler's GetAllPaths function recurse without depth limits, exhausting the thread stack and crashing the NanaZip process. This vulnerability is fixed in 6.0.1698.0.
Nanazip versions up to 6.0.1630.0 is affected by loop with unreachable exit condition (infinite loop) (CVSS 7.5).
NanaZip versions 5.0.1252.0 through 6.0.1629.0 contain an out-of-bounds heap read in the .NET Single File bundle parser
NanaZip versions 5.0.1252.0 through 6.5.1637.0 contain an out-of-bounds memory access flaw in the UFS file parser that c
Out-of-bounds memory read in NanaZip versions 5.0.1252.0 through 6.0.1637.x allows local authenticated attackers to disc
NanaZip versions 5.0.1252.0 through 6.0.1629.0 are vulnerable to denial of service through malformed ROMFS archives that
NanaZip versions 5.0.1252.0 through 6.5.1637.x contain an integer underflow in the .NET Single File Application parser t
Heap out-of-bounds read in NanaZip's Android Verified Boot (AVB) vbmeta image parser allows unauthenticated remote attac
Heap out-of-bounds read in NanaZip's Android Verified Boot (AVB) vbmeta image parser crashes the application and may lea
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a one-byte heap out-of-bounds null write e
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in
Heap out-of-bounds read in NanaZip's inherited 7-Zip LvmHandler component allows an unauthenticated remote attacker to c
NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability ex
Same weakness CWE-674 – Uncontrolled Recursion
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-29786