CVE-2023-31102

Name of the Vulnerable Software and Affected Versions 7-Zip versions prior to 23.00

Description The issue is related to an integer underflow in the 7z file parser component of 7-Zip, allowing a remote attacker to execute arbitrary code on affected installations. This can be achieved by tricking the victim into opening a crafted archive. There have been reports of offensive activities targeting this vulnerability.

Recommendations For versions prior to 23.00, update to version 23.00 or later to resolve the issue. As a temporary workaround, consider avoiding the use of 7-Zip to open archives from untrusted sources until the update is applied.