DescriptionA directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having critical severity.
|National Vulnerability Database|
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE Tumbleweed|| ||Patchnames: |
openSUSE Tumbleweed GA python310-py7zr-0.20.2-1.1
SUSE Timeline for this CVECVE page created: Tue Dec 6 23:00:04 2022
CVE page last modified: Thu Dec 29 17:14:56 2022