[jira] [Created] (COMPRESS-680) CVE-2024-25710 and CVE-2024-26308Indicates whether 7z decompression is involved.

Radar wen (Jira) Tue, 28 May 2024 20:16:03 -0700

Radar wen created COMPRESS-680:
----------------------------------

             Summary: CVE-2024-25710 and CVE-2024-26308Indicates whether 7z 
decompression is involved.
                 Key: COMPRESS-680
                 URL: https://issues.apache.org/jira/browse/COMPRESS-680
             Project: Commons Compress
          Issue Type: Bug
          Components: Archivers
    Affects Versions: 1.21
            Reporter: Radar wen



I cannot upgrade to the latest version due to historical issues,
Excuse me ，CVE-2024-25710 and CVE-2024-26308 Whether the SevenZArchiveEntry and 
SevenZFile classes for 7z decompression are involved.

org.apache.commons.compress.archivers.sevenz.SevenZArchiveEntry;
org.apache.commons.compress.archivers.sevenz.SevenZFile;



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (COMPRESS-680) CVE-2024-25710 and CVE-2024-26308Indicates whether 7z decompression is involved.

Reply via email to