Skip to main content

Py7Zr

1 CVEs product

Monthly

CVE-2022-44900 PyPI CRITICAL POC PATCH Act Now

A directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Python Py7Zr
NVD GitHub
CVSS 3.1
9.1
EPSS
2.2%
EPSS 2% CVSS 9.1
CRITICAL POC PATCH Act Now

A directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Python Py7Zr
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy