CVE-2022-47111

LOW

7-Zip 22.01 - Improper Check for Unusual or Exceptional Conditions in xz File Handling

Title source: llm
STIX 2.1

Description

7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected.

References (1)

Core 1
Core References

Scores

CVSS v3 2.5
EPSS 0.0020
EPSS Percentile 9.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-754
Status published
Products (1)
7-zip/7-zip 22.01
Published Apr 19, 2025
Tracked Since Feb 18, 2026