When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
07 Nov 2023, 03:36
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2021-07-13 08:15
Updated : 2024-02-28 18:28
NVD link : CVE-2021-35515
Mitre link : CVE-2021-35515
CVE.ORG link : CVE-2021-35515
JSON object : View
Products Affected
oracle
- communications_diameter_intelligence_hub
- banking_digital_experience
- utilities_testing_accelerator
- communications_cloud_native_core_unified_data_repository
- banking_party_management
- banking_treasury_management
- banking_payments
- commerce_guided_search
- communications_billing_and_revenue_management
- communications_cloud_native_core_service_communication_proxy
- business_process_management_suite
- communications_cloud_native_core_automated_test_suite
- banking_enterprise_default_management
- flexcube_universal_banking
- peoplesoft_enterprise_peopletools
- communications_messaging_server
- communications_session_route_manager
- insurance_policy_administration
- healthcare_data_repository
- financial_services_crime_and_compliance_management_studio
- banking_trade_finance
- financial_services_enterprise_case_management
- primavera_unifier
apache
- commons_compress
netapp
- oncommand_insight
- active_iq_unified_manager