CVE-2024-11612
7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability
CVSS Score
6.5
EPSS Score
0.0%
EPSS Percentile
0th
7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the processing of streams. The issue results from a logic error that can lead to an infinite loop. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-24307.
| CWE | CWE-835 |
| Vendor | 7-zip |
| Product | 7-zip |
| Published | Nov 22, 2024 |
| Last Updated | Nov 26, 2024 |
Stay Ahead of the Next One
Get instant alerts for 7-zip 7-zip
Be the first to know when new medium vulnerabilities affecting 7-zip 7-zip are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Versions
7-Zip / 7-Zip
24.06