7-zip

7-zip

21 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.6

CVE-2025-55188

Exploit
  • EPSS 0.02%
  • Published 08.08.2025 00:00:00
  • Last modified 29.09.2025 22:59:25

7-Zip before 25.01 does not always properly handle symbolic links during extraction.

7.5

CVE-2025-53817

Exploit
  • EPSS 0.06%
  • Published 17.07.2025 18:12:24
  • Last modified 21.08.2025 19:34:06

7-Zip is a file archiver with a high compression ratio. 7-Zip supports extracting from Compound Documents. Prior to version 25.0.0, a null pointer dereference in the Compound handler may lead to denial of service. Version 25.0.0 contains a fix cor th...

7.5

CVE-2025-53816

Exploit
  • EPSS 0.07%
  • Published 17.07.2025 18:09:58
  • Last modified 21.08.2025 19:33:01

7-Zip is a file archiver with a high compression ratio. Zeroes written outside heap buffer in RAR5 handler may lead to memory corruption and denial of service in versions of 7-Zip prior to 25.0.0. Version 25.0.0 contains a fix for the issue.

3.3

CVE-2022-47112

Exploit
  • EPSS 0.02%
  • Published 19.04.2025 00:00:00
  • Last modified 18.08.2025 16:41:43

7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected.

3.3

CVE-2022-47111

Exploit
  • EPSS 0.02%
  • Published 19.04.2025 00:00:00
  • Last modified 18.08.2025 16:40:54

7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected.

7

CVE-2025-0411

Warning
  • EPSS 32.14%
  • Published 25.01.2025 05:15:09
  • Last modified 12.02.2025 18:14:13

7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the targe...

6.5

CVE-2024-11612

  • EPSS 0.14%
  • Published 22.11.2024 21:15:17
  • Last modified 07.08.2025 17:59:11

7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerabil...

7.8

CVE-2024-11477

  • EPSS 34.14%
  • Published 22.11.2024 21:15:08
  • Last modified 15.02.2025 01:15:10

7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vu...

8.2

CVE-2023-52169

  • EPSS 0.16%
  • Published 03.07.2024 18:15:04
  • Last modified 21.11.2024 17:15:07

The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains an out-of-bounds read that allows an attacker to read beyond the intended buffer. The bytes read beyond the intended buffer are presented as a part of a filename listed in the ...

7.8

CVE-2023-40481

  • EPSS 3.48%
  • Published 03.05.2024 03:15:21
  • Last modified 12.08.2025 19:48:23

7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability i...