Rikyoz

Bit7z

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.6

CVE-2026-45380

  • EPSS 0.12%
  • Veröffentlicht 10.06.2026 20:00:24
  • Zuletzt bearbeitet 11.06.2026 16:16:23

bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, a one-byte off-by-one error in SafeOutPathBuilder::restoreSymlink() allows an attacker to craft a .7z archive that, when ex...

6.1

CVE-2026-45384

  • EPSS 0.13%
  • Veröffentlicht 10.06.2026 20:00:19
  • Zuletzt bearbeitet 11.06.2026 15:35:13

bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, there is an arbitrary file overwrite vulnerability via symlink attack on predictable temp files during archive update. This...

7.5

CVE-2026-27117

Exploit
  • EPSS 0.31%
  • Veröffentlicht 24.02.2026 21:46:12
  • Zuletzt bearbeitet 25.02.2026 20:29:27

bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.11, a path traversal vulnerability ("Zip Slip") exists in bit7z's archive extraction functionality. The library does not adequa...