Search CVE reports
1 – 10 of 19 results
7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to...
2 affected packages
7zip, p7zip
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| 7zip | Needs evaluation | Needs evaluation | — | — |
| p7zip | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
[Unknown description]
2 affected packages
7zip, p7zip
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| 7zip | Needs evaluation | Needs evaluation | — | — |
| p7zip | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
7-Zip before 25.01 does not always properly handle symbolic links during extraction.
2 affected packages
7zip, p7zip
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| 7zip | Needs evaluation | Needs evaluation | — | — |
| p7zip | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected.
2 affected packages
7zip, p7zip
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| 7zip | Needs evaluation | Needs evaluation | Not in release | — |
| p7zip | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected.
2 affected packages
7zip, p7zip
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| 7zip | Needs evaluation | Needs evaluation | Not in release | — |
| p7zip | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this...
2 affected packages
p7zip, 7zip
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| p7zip | Not affected | Not affected | Not affected | Not affected |
| 7zip | Not affected | Not affected | Not in release | — |
7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to...
2 affected packages
7zip, p7zip
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| 7zip | Vulnerable | Vulnerable | Not in release | — |
| p7zip | Not affected | Vulnerable | Vulnerable | Vulnerable |
7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is...
2 affected packages
7zip, p7zip
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| 7zip | Not affected | Not affected | Not in release | — |
| p7zip | Not affected | Needs evaluation | Needs evaluation | Needs evaluation |
Rejected reason: This is a duplicate of an earlier CVE, CVE-2022-47069.
1 affected package
p7zip
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| p7zip | — | Not affected | Not affected | Not affected |
p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCd(bool) at CPP/7zip/Archive/Zip/ZipIn.cpp. NOTE: the Supplier has found that this is not a buffer...
1 affected package
p7zip
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| p7zip | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |