CVE-2021-35516
ADVISORY - githubSummary
When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' sevenz package.
EPSS Score: 0.01893 (0.827)
Common Weakness Enumeration (CWE)
ADVISORY - nist
ADVISORY - github
ADVISORY - gitlab
ADVISORY - redhat
Allocation of Resources Without Limits or Throttling
NIST
CVSS SCORE
7.5highGitHub
CVSS SCORE
7.5highDebian
CREATED
UPDATED
ADVISORY IDCVE-2021-35516
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2021-35516
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
7.5mediumRed Hat
CREATED
UPDATED
ADVISORY IDCVE-2021-35516
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
7.5mediumintheWild
CREATED
UPDATED
ADVISORY IDCVE-2021-35516
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-