Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2021-35515

When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package.

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

Software From Fixed in
apache / commons_compress 1.6 1.20.x
oracle / flexcube_universal_banking 12.4.0 12.4.0.x
oracle / business_process_management_suite 12.2.1.3.0 12.2.1.3.0.x
oracle / peoplesoft_enterprise_peopletools 8.57 8.57.x
oracle / primavera_unifier 18.8 18.8.x
oracle / primavera_unifier 17.7 17.12.x
oracle / banking_digital_experience 19.1 19.1.x
oracle / flexcube_universal_banking 14.0.0 14.3.0.x
oracle / peoplesoft_enterprise_peopletools 8.58 8.58.x
oracle / primavera_unifier 19.12 19.12.x
oracle / banking_digital_experience 20.1 20.1.x
oracle / primavera_unifier 20.12 20.12.x
oracle / business_process_management_suite 12.2.1.4.0 12.2.1.4.0.x
oracle / communications_messaging_server 8.1 8.1.x
oracle / commerce_guided_search 11.3.2 11.3.2.x
oracle / peoplesoft_enterprise_peopletools 8.59 8.59.x
oracle / insurance_policy_administration 11.3.0 11.3.0.x
oracle / insurance_policy_administration 11.0.2 11.0.2.x
oracle / financial_services_enterprise_case_management 8.0.8.1.0 8.0.8.1.0.x
oracle / financial_services_enterprise_case_management 8.0.7.2.0 8.0.7.2.0.x
oracle / healthcare_data_repository 8.1.0 8.1.0.x
oracle / communications_session_route_manager 8.0.0 8.2.5.x
oracle / banking_party_management 2.7.0 2.7.0.x
oracle / utilities_testing_accelerator 6.0.0.2.2 6.0.0.2.2.x
oracle / utilities_testing_accelerator 6.0.0.3.1 6.0.0.3.1.x
oracle / utilities_testing_accelerator 6.0.0.1.1 6.0.0.1.1.x
oracle / banking_digital_experience 21.1 21.1.x
oracle / communications_cloud_native_core_unified_data_repository 1.14.0 1.14.0.x
oracle / communications_cloud_native_core_service_communication_proxy 1.14.0 1.14.0.x
oracle / communications_cloud_native_core_automated_test_suite 1.8.0 1.8.0.x
oracle / communications_billing_and_revenue_management 12.0.0.4 12.0.0.4.x
oracle / insurance_policy_administration 11.1.0 11.1.0.x
oracle / insurance_policy_administration 11.3.1 11.3.1.x
oracle / banking_enterprise_default_management 2.7.0 2.7.0.x
oracle / banking_digital_experience 18.1 18.3.x
oracle / insurance_policy_administration 11.2.8 11.2.8.x
oracle / banking_payments 14.5 14.5.x
oracle / banking_trade_finance 14.5 14.5.x
oracle / banking_treasury_management 14.5 14.5.x
oracle / flexcube_universal_banking 14.5.0 14.5.0.x
oracle / communications_diameter_intelligence_hub 8.0.0 8.2.3.x
oracle / financial_services_crime_and_compliance_management_studio 8.0.8.2.0 8.0.8.2.0.x
oracle / financial_services_crime_and_compliance_management_studio 8.0.8.3.0 8.0.8.3.0.x
org.apache.commons / commons-compress - 1.21