CNNVD-202507-2332 Information

CNNVD ID

CNNVD-202507-2332

CVE-2025-53816

  • CNNVD Published: 2025-07-17

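Description (translated from Chinese)

7-Zip is an open-source compression program from 7-Zip. Versions of 7-Zip before 25.0.0 contain a security vulnerability: the RAR5 handler writes zero values past the end of a heap buffer, which may lead to memory corruption and denial of service.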

Description (English)

7-Zip is open-source compression software from 7-Zip. Versions of 7-Zip before 25.0.0 have a security vulnerability that stems from zero values being written beyond a heap buffer in the RAR5 handler, which could lead to memory corruption and denial of service.

Hazard Level

Medium

Vulnerability Type

Other

Affected Vendor

7-Zip

Published

2025-07-17

Last Modified

2026-02-24

References

  • https://www.openwall.com/lists/oss-security/2025/07/18/1
  • https://securitylab.github.com/advisories/GHSL-2025-058_7-Zip/
  • https://www.oracle.com/security-alerts/cpuoct2025.html
  • https://vigilance.fr/vulnerability/7-Zip-buffer-overflow-via-RAR5-47748
  • https://nvd.nist.gov/vuln/detail/CVE-2025-53816

Patch

https://www.7-zip.org/download.html
