PT-2025-17392 · 7 Zip+3 · 7-Zip+2

Published

2025-04-19

Updated

2025-08-18

CVE-2022-47111

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions 7-Zip versions 22.01 through 24.09

Description The issue involves 7-Zip not reporting an error for certain invalid xz files, specifically those with issues related to block flags and reserved bits.

Recommendations For versions 22.01 through 24.09, consider updating to a version later than 24.09 to resolve the issue.

Exploit

Fix

Improper Check for Exceptional Conditions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-754

Related Identifiers

BDU:2025-05149

CVE-2022-47111

Affected Products

7-Zip

Astra Linux

Debian

PT-2025-17392 · 7 Zip+3 · 7-Zip+2

CVE-2022-47111

Weakness Enumeration

Related Identifiers

Affected Products

References · 16