pandora-analysis/pandora

Releases25

Frequency2 months 3 days

Last Release 8 days ago

Stars280

Pandora is an analysis framework to discover if a file is suspicious and conveniently show the results

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-22898 ↗	Jan 10, 2023Tuesday, 10 January 2023, 02:15	6.5 MEDIUM	—
workers/extractor.py in Pandora (aka pandora-analysis/pandora) 1.3.0 allows a denial of service when an attacker submits a deeply nested ZIP archive (aka ZIP bomb).