Vulnerabilities in 7-Zip
9 resultsCVE-2025-0411HIGH7-Zip Mark-of-the-Web Bypass VulnerabilityEPSS 67.1%KEVCVE-2025-11001HIGH7-Zip ZIP File Parsing Directory Traversal Remote Code Execution VulnerabilityEPSS 27.0%CVE-2023-40481HIGH7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution VulnerabilityEPSS 26.9%CVE-2024-11477HIGH7-Zip Zstandard Decompression Integer Underflow Remote Code Execution VulnerabilityEPSS 22.0%CVE-2024-11612MEDIUM7-Zip CopyCoder Infinite Loop Denial-of-Service VulnerabilityEPSS 1.7%CVE-2025-55188LOW7-Zip before 25.01 does not always properly handle symbolic links during extraction.EPSS 0.7%CVE-2025-11002HIGH7-Zip ZIP File Parsing Directory Traversal Remote Code Execution VulnerabilityEPSS 0.5%CVE-2022-47111LOW7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffectEPSS 0.2%CVE-2022-47112LOW7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffecEPSS 0.2%