When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package.
{ "github_reviewed": true, "nvd_published_at": "2021-07-13T08:15:00Z", "github_reviewed_at": "2021-07-14T17:35:41Z", "severity": "HIGH", "cwe_ids": [ "CWE-834", "CWE-835" ] }