CNNVD-202511-2146 Information

CNNVD ID

CNNVD-202511-2146

Related CVE

CVE-2025-11001

• CNNVD Published: 2025-11-19

Description (Chinese)

7-Zip是7-Zip开源的一个压缩软件。 7-Zip存在路径遍历漏洞，该漏洞源于处理ZIP文件中的符号链接不当，可能导致远程代码执行。

Description (English)

7-Zip is a compression software from 7-Zip open source. 7-Zip has a loophole in the path, which stems from the mislinking of symbols in ZIP files, which may lead to remote code execution.

Hazard Level

Medium

Vulnerability Type

路径遍历

Affected Vendor

7-Zip

Published

2025-11-19

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-949/

Patch

https://www.7-zip.org/download.html