Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
NanZip has ROMFS Archive Infinite Loop / Stack Overflow
Vulnerability Description
NanaZip is an open source file archive Starting in version 5.0.1252.0 and prior to version 6.0.1630.0, circular `NextOffset` chains cause an infinite loop, and deeply nested directories cause unbounded recursion (stack overflow) in the ROMFS archive parser. Version 6.0.1630.0 patches the issue.
CVSS Information
N/A
Vulnerability Type
未经控制的递归
Vulnerability Title
NanaZip 安全漏洞
Vulnerability Description
NanaZip是M2-Team开源的一个压缩软件。 NanaZip 5.0.1252.0版本至6.0.1630.0之前版本存在安全漏洞,该漏洞源于ROMFS存档解析器中循环NextOffset链和深度嵌套目录,可能导致无限循环和堆栈溢出。
CVSS Information
N/A
Vulnerability Type
N/A