rpm package
opensuse/p7zip&distro=openSUSE Leap 15.6
pkg:rpm/opensuse/p7zip&distro=openSUSE%20Leap%2015.6
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-53817 | — | < 16.02-150200.14.15.1 | 16.02-150200.14.15.1 | Jul 17, 2025 | 7-Zip is a file archiver with a high compression ratio. 7-Zip supports extracting from Compound Documents. Prior to version 25.0.0, a null pointer dereference in the Compound handler may lead to denial of service. Version 25.0.0 contains a fix cor the issue. | ||
| CVE-2023-52169 | Hig | 8.2 | < 16.02-150200.14.12.1 | 16.02-150200.14.12.1 | Jul 3, 2024 | The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains an out-of-bounds read that allows an attacker to read beyond the intended buffer. The bytes read beyond the intended buffer are presented as a part of a filename listed in the file system image. This has se | |
| CVE-2023-52168 | Hig | 8.4 | < 16.02-150200.14.12.1 | 16.02-150200.14.12.1 | Jul 3, 2024 | The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512*i-2, for i=9, i=10, i=11, etc. | |
| CVE-2022-47069 | — | < 16.02-150200.14.15.1 | 16.02-150200.14.15.1 | Aug 22, 2023 | p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCd(bool) at CPP/7zip/Archive/Zip/ZipIn.cpp. NOTE: the Supplier has found that this is not a buffer overflow; at most an out-of-bounds read can occur. |
- CVE-2025-53817Jul 17, 2025affected < 16.02-150200.14.15.1fixed 16.02-150200.14.15.1
7-Zip is a file archiver with a high compression ratio. 7-Zip supports extracting from Compound Documents. Prior to version 25.0.0, a null pointer dereference in the Compound handler may lead to denial of service. Version 25.0.0 contains a fix cor the issue.
- affected < 16.02-150200.14.12.1fixed 16.02-150200.14.12.1
The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains an out-of-bounds read that allows an attacker to read beyond the intended buffer. The bytes read beyond the intended buffer are presented as a part of a filename listed in the file system image. This has se
- affected < 16.02-150200.14.12.1fixed 16.02-150200.14.12.1
The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512*i-2, for i=9, i=10, i=11, etc.
- CVE-2022-47069Aug 22, 2023affected < 16.02-150200.14.15.1fixed 16.02-150200.14.15.1
p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCd(bool) at CPP/7zip/Archive/Zip/ZipIn.cpp. NOTE: the Supplier has found that this is not a buffer overflow; at most an out-of-bounds read can occur.