Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
Commons Compress users should upgrade to 1.21 or later. With Compress 1.19 we introduced a feature that tries to recover broken 7z archives, which makes it far easier to exploit this weakness. As a result we have disabled the recovery code by default and users need to enable it explicitly. In addition users are able to control the amount of memory SevenZFile may use and we strongly recommend using this feature when trying to recover broken archives.
No history.

Status: PUBLISHED
Assigner: apache
Published:
Updated: 2024-08-04T00:40:46.628Z
Reserved: 2021-06-27T00:00:00
Link: CVE-2021-35516

No data.

Status : Modified
Published: 2021-07-13T08:15:07.137
Modified: 2024-11-21T06:12:25.430
Link: CVE-2021-35516


No data.