{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T05:50:27.452","vulnerabilities":[{"cve":{"id":"CVE-2026-27117","sourceIdentifier":"security-advisories@github.com","published":"2026-02-24T22:16:32.053","lastModified":"2026-02-25T20:29:27.743","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.11, a path traversal vulnerability (\"Zip Slip\") exists in bit7z's archive extraction functionality. The library does not adequately validate file paths contained in archive entries, allowing files to be written outside the intended extraction directory through three distinct mechanisms: relative path traversal, absolute path traversal, and symbolic link traversal. An attacker can exploit this by providing a malicious archive to any application that uses bit7z to extract untrusted archives. Successful exploitation results in arbitrary file write with the privileges of the process performing the extraction. This could lead to overwriting of application binaries, configuration files, or other sensitive data. The vulnerability does not directly enable reading of file contents; the confidentiality impact is limited to the calling application's own behavior after extraction. However, applications that subsequently serve or display extracted files may face secondary confidentiality risks from attacker-created symlinks. Fixes have been released in version 4.0.11. If upgrading is not immediately possible, users can mitigate the vulnerability by validating each entry's destination path before writing. Other mitigations include running extraction with least privilege and extracting untrusted archives in a sandboxed directory."},{"lang":"es","value":"bit7z es una librería estática de C++ multiplataforma que permite la compresión/extracción de archivos de archivo. Antes de la versión 4.0.11, existe una vulnerabilidad de salto de ruta ('Zip Slip') en la funcionalidad de extracción de archivos de bit7z. La librería no valida adecuadamente las rutas de archivo contenidas en las entradas del archivo, permitiendo que los archivos se escriban fuera del directorio de extracción previsto a través de tres mecanismos distintos: salto de ruta relativo, salto de ruta absoluto y salto de enlace simbólico. Un atacante puede explotar esto proporcionando un archivo malicioso a cualquier aplicación que utilice bit7z para extraer archivos no confiables. Si se explota con éxito se logra la escritura arbitraria de archivos con los privilegios del proceso que realiza la extracción. Esto podría llevar a la sobrescritura de binarios de aplicaciones, archivos de configuración u otros datos sensibles. La vulnerabilidad no permite directamente la lectura del contenido de los archivos; el impacto en la confidencialidad se limita al propio comportamiento de la aplicación llamante después de la extracción. Sin embargo, las aplicaciones que posteriormente sirven o muestran archivos extraídos pueden enfrentar riesgos secundarios de confidencialidad debido a enlaces simbólicos creados por el atacante. Se han lanzado correcciones en la versión 4.0.11. Si no es posible actualizar de inmediato, los usuarios pueden mitigar la vulnerabilidad validando la ruta de destino de cada entrada antes de escribir. Otras mitigaciones incluyen ejecutar la extracción con mínimo privilegio y extraer archivos no confiables en un directorio aislado (sandboxed)."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-22"},{"lang":"en","value":"CWE-23"},{"lang":"en","value":"CWE-36"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rikyoz:bit7z:*:*:*:*:*:*:*:*","versionEndExcluding":"4.0.11","matchCriteriaId":"495AC7B7-7FAB-4BFA-BE04-58BD0C15D76C"}]}]}],"references":[{"url":"https://github.com/rikyoz/bit7z/commit/31763da9a3e41a199c141c8d71f6c11de24b45cf","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/rikyoz/bit7z/commit/9e020483eefa5825ec9310b1d869933d4f77f969","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/rikyoz/bit7z/releases/tag/v4.0.11","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/rikyoz/bit7z/security/advisories/GHSA-qvjh-hhw4-3gx9","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]}]}}]}