Home / os / win7

py7zr 0.20.0 Directory Traversal

Posted on 07 December 2022

A directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr versions 0.20.0 and earlier allows attackers to read arbitrary files on the local machine via a malicious 7z file extraction.

 

TOP