Vulnerability of the 7-Zip file archiver

A free file archiver for extremely high compression

Brought to you by: ipavlov

#660 Vulnerability of the 7-Zip file archiver

Status: open

Owner: nobody

Labels: None

Priority: 9

Updated: 2 days ago

Created: 4 days ago

Creator: Petr

Private: No

Vulnerability of the 7-Zip file archiver (BDU:2025-12912, CVSS 3.1 hazard level is high) related to incorrect identification of symbolic links before accessing the file. The exploitation of this vulnerability may allow an intruder to execute arbitrary code, provided that the user opens a specially generated ZIP archive. When is an update planned to close this hole?

Discussion

AlexS - 4 days ago

This bug is fixed in 25.01 https://bdu.fstec.ru/vul/2025-12912?ysclid=mhu8qsh0w9345731704

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Petr - 2 days ago

Thank you. Haven't looked at the ChangeLog

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Vulnerability of the 7-Zip file archiver

A free file archiver for extremely high compression

Group

Searches

Help

#660 Vulnerability of the 7-Zip file archiver

Discussion