rpm package
suse/p7zip&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
pkg:rpm/suse/p7zip&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-52169 | Hig | 8.2 | < 16.02-150200.14.12.1 | 16.02-150200.14.12.1 | Jul 3, 2024 | The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains an out-of-bounds read that allows an attacker to read beyond the intended buffer. The bytes read beyond the intended buffer are presented as a part of a filename listed in the file system image. This has se | |
| CVE-2023-52168 | Hig | 8.4 | < 16.02-150200.14.12.1 | 16.02-150200.14.12.1 | Jul 3, 2024 | The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512*i-2, for i=9, i=10, i=11, etc. |
- affected < 16.02-150200.14.12.1fixed 16.02-150200.14.12.1
The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains an out-of-bounds read that allows an attacker to read beyond the intended buffer. The bytes read beyond the intended buffer are presented as a part of a filename listed in the file system image. This has se
- affected < 16.02-150200.14.12.1fixed 16.02-150200.14.12.1
The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512*i-2, for i=9, i=10, i=11, etc.