Subscribe via feed.

py7zr 0.20.0 Directory Traversal

Posted by deepcore on December 8, 2022 – 5:31 pm

A directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr versions 0.20.0 and earlier allows attackers to read arbitrary files on the local machine via a malicious 7z file extraction.


This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.


« »