Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
Typedeb
Namespacedebian
Name7zip
Version25.01+dfsg-1~deb13u1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version25.01+dfsg-1
Latest_non_vulnerable_version26.00+dfsg1-2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-6qgu-7h5h-1bed
vulnerability_id VCID-6qgu-7h5h-1bed
summary 7-Zip is a file archiver with a high compression ratio. 7-Zip supports extracting from Compound Documents. Prior to version 25.0.0, a null pointer dereference in the Compound handler may lead to denial of service. Version 25.0.0 contains a fix cor the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-53817
reference_id
reference_type
scores
0
value 0.00103
scoring_system epss
scoring_elements 0.28247
published_at 2026-04-13T12:55:00Z
1
value 0.00103
scoring_system epss
scoring_elements 0.28305
published_at 2026-04-12T12:55:00Z
2
value 0.00103
scoring_system epss
scoring_elements 0.2824
published_at 2026-04-18T12:55:00Z
3
value 0.00103
scoring_system epss
scoring_elements 0.28258
published_at 2026-04-16T12:55:00Z
4
value 0.00123
scoring_system epss
scoring_elements 0.31406
published_at 2026-04-07T12:55:00Z
5
value 0.00123
scoring_system epss
scoring_elements 0.31549
published_at 2026-04-02T12:55:00Z
6
value 0.00123
scoring_system epss
scoring_elements 0.31591
published_at 2026-04-04T12:55:00Z
7
value 0.00123
scoring_system epss
scoring_elements 0.3146
published_at 2026-04-08T12:55:00Z
8
value 0.00123
scoring_system epss
scoring_elements 0.3149
published_at 2026-04-09T12:55:00Z
9
value 0.00123
scoring_system epss
scoring_elements 0.31495
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-53817
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53817
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53817
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://www.openwall.com/lists/oss-security/2025/07/18/2
reference_id 2
reference_type
scores
0
value 5.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-17T20:25:46Z/
url https://www.openwall.com/lists/oss-security/2025/07/18/2
4
reference_url https://securitylab.github.com/advisories/GHSL-2025-059_7-Zip/
reference_id GHSL-2025-059_7-Zip
reference_type
scores
0
value 5.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-17T20:25:46Z/
url https://securitylab.github.com/advisories/GHSL-2025-059_7-Zip/
fixed_packages
0
url pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-3%3Fdistro=trixie
1
url pkg:deb/debian/7zip@25.00%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/7zip@25.00%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.00%252Bdfsg-1%3Fdistro=trixie
2
url pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1%3Fdistro=trixie
3
url pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-2%3Fdistro=trixie
aliases CVE-2025-53817
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6qgu-7h5h-1bed
1
url VCID-6xnz-5ctc-fkbk
vulnerability_id VCID-6xnz-5ctc-fkbk
summary 7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SQFS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18589.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-40481
reference_id
reference_type
scores
0
value 0.0431
scoring_system epss
scoring_elements 0.88903
published_at 2026-04-18T12:55:00Z
1
value 0.0431
scoring_system epss
scoring_elements 0.88845
published_at 2026-04-02T12:55:00Z
2
value 0.0431
scoring_system epss
scoring_elements 0.8888
published_at 2026-04-08T12:55:00Z
3
value 0.0431
scoring_system epss
scoring_elements 0.88885
published_at 2026-04-09T12:55:00Z
4
value 0.0431
scoring_system epss
scoring_elements 0.88897
published_at 2026-04-11T12:55:00Z
5
value 0.0431
scoring_system epss
scoring_elements 0.88891
published_at 2026-04-13T12:55:00Z
6
value 0.0431
scoring_system epss
scoring_elements 0.88904
published_at 2026-04-16T12:55:00Z
7
value 0.0431
scoring_system epss
scoring_elements 0.8886
published_at 2026-04-04T12:55:00Z
8
value 0.0431
scoring_system epss
scoring_elements 0.88862
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-40481
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40481
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40481
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269/
reference_id 713c8a8269
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T19:54:59Z/
url https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269/
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-23-1164/
reference_id ZDI-23-1164
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T19:54:59Z/
url https://www.zerodayinitiative.com/advisories/ZDI-23-1164/
fixed_packages
0
url pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-3%3Fdistro=trixie
1
url pkg:deb/debian/7zip@23.01%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/7zip@23.01%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@23.01%252Bdfsg-1%3Fdistro=trixie
2
url pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1%3Fdistro=trixie
3
url pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-2%3Fdistro=trixie
aliases CVE-2023-40481
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6xnz-5ctc-fkbk
2
url VCID-bzcx-rxg3-aygs
vulnerability_id VCID-bzcx-rxg3-aygs
summary 
7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.

The specific flaw exists within the implementation of Zstandard decompression. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24346.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-11477
reference_id
reference_type
scores
0
value 0.38072
scoring_system epss
scoring_elements 0.97213
published_at 2026-04-09T12:55:00Z
1
value 0.38072
scoring_system epss
scoring_elements 0.97217
published_at 2026-04-12T12:55:00Z
2
value 0.38072
scoring_system epss
scoring_elements 0.97216
published_at 2026-04-11T12:55:00Z
3
value 0.38072
scoring_system epss
scoring_elements 0.97195
published_at 2026-04-02T12:55:00Z
4
value 0.38072
scoring_system epss
scoring_elements 0.97201
published_at 2026-04-04T12:55:00Z
5
value 0.38072
scoring_system epss
scoring_elements 0.97202
published_at 2026-04-07T12:55:00Z
6
value 0.38072
scoring_system epss
scoring_elements 0.97211
published_at 2026-04-08T12:55:00Z
7
value 0.43636
scoring_system epss
scoring_elements 0.9753
published_at 2026-04-18T12:55:00Z
8
value 0.43636
scoring_system epss
scoring_elements 0.97521
published_at 2026-04-13T12:55:00Z
9
value 0.43636
scoring_system epss
scoring_elements 0.97529
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-11477
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://www.zerodayinitiative.com/advisories/ZDI-24-1532/
reference_id ZDI-24-1532
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-30T04:55:53Z/
url https://www.zerodayinitiative.com/advisories/ZDI-24-1532/
fixed_packages
0
url pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-3%3Fdistro=trixie
1
url pkg:deb/debian/7zip@0?distro=trixie
purl pkg:deb/debian/7zip@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@0%3Fdistro=trixie
2
url pkg:deb/debian/7zip@22.01%2Bdfsg-8%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/7zip@22.01%2Bdfsg-8%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6qgu-7h5h-1bed
1
vulnerability VCID-6xnz-5ctc-fkbk
2
vulnerability VCID-ne48-dtxr-2ybq
3
vulnerability VCID-pgke-8ce4-uybu
4
vulnerability VCID-q99c-7ggg-wyep
5
vulnerability VCID-rnzv-mnjr-rfby
6
vulnerability VCID-ymuu-t8yt-4kbk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@22.01%252Bdfsg-8%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/7zip@24.07%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/7zip@24.07%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@24.07%252Bdfsg-1%3Fdistro=trixie
4
url pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1%3Fdistro=trixie
5
url pkg:deb/debian/7zip@26.00%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg-4%3Fdistro=trixie
6
url pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-2%3Fdistro=trixie
aliases CVE-2024-11477
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bzcx-rxg3-aygs
3
url VCID-h4pw-pga4-77ex
vulnerability_id VCID-h4pw-pga4-77ex
summary 
7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the handling of archived files. When extracting files from a crafted archive that bears the Mark-of-the-Web, 7-Zip does not propagate the Mark-of-the-Web to the extracted files. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. Was ZDI-CAN-25456.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-0411
reference_id
reference_type
scores
0
value 0.52406
scoring_system epss
scoring_elements 0.97939
published_at 2026-04-18T12:55:00Z
1
value 0.52406
scoring_system epss
scoring_elements 0.97913
published_at 2026-04-02T12:55:00Z
2
value 0.52406
scoring_system epss
scoring_elements 0.9793
published_at 2026-04-12T12:55:00Z
3
value 0.52406
scoring_system epss
scoring_elements 0.97932
published_at 2026-04-13T12:55:00Z
4
value 0.52406
scoring_system epss
scoring_elements 0.97938
published_at 2026-04-16T12:55:00Z
5
value 0.52406
scoring_system epss
scoring_elements 0.97915
published_at 2026-04-04T12:55:00Z
6
value 0.52406
scoring_system epss
scoring_elements 0.97918
published_at 2026-04-07T12:55:00Z
7
value 0.52406
scoring_system epss
scoring_elements 0.97923
published_at 2026-04-08T12:55:00Z
8
value 0.52406
scoring_system epss
scoring_elements 0.97926
published_at 2026-04-09T12:55:00Z
9
value 0.52406
scoring_system epss
scoring_elements 0.97929
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-0411
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://www.zerodayinitiative.com/advisories/ZDI-25-045/
reference_id ZDI-25-045
reference_type
scores
0
value 7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T04:55:28Z/
url https://www.zerodayinitiative.com/advisories/ZDI-25-045/
fixed_packages
0
url pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-3%3Fdistro=trixie
1
url pkg:deb/debian/7zip@0?distro=trixie
purl pkg:deb/debian/7zip@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@0%3Fdistro=trixie
2
url pkg:deb/debian/7zip@22.01%2Bdfsg-8%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/7zip@22.01%2Bdfsg-8%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6qgu-7h5h-1bed
1
vulnerability VCID-6xnz-5ctc-fkbk
2
vulnerability VCID-ne48-dtxr-2ybq
3
vulnerability VCID-pgke-8ce4-uybu
4
vulnerability VCID-q99c-7ggg-wyep
5
vulnerability VCID-rnzv-mnjr-rfby
6
vulnerability VCID-ymuu-t8yt-4kbk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@22.01%252Bdfsg-8%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1%3Fdistro=trixie
4
url pkg:deb/debian/7zip@26.00%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg-4%3Fdistro=trixie
5
url pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-2%3Fdistro=trixie
aliases CVE-2025-0411
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h4pw-pga4-77ex
4
url VCID-hgkj-wq8u-q3eh
vulnerability_id VCID-hgkj-wq8u-q3eh
summary The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512*i-2, for i=9, i=10, i=11, etc.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-52168
reference_id
reference_type
scores
0
value 0.00075
scoring_system epss
scoring_elements 0.22643
published_at 2026-04-18T12:55:00Z
1
value 0.00075
scoring_system epss
scoring_elements 0.22646
published_at 2026-04-16T12:55:00Z
2
value 0.00075
scoring_system epss
scoring_elements 0.2263
published_at 2026-04-13T12:55:00Z
3
value 0.00123
scoring_system epss
scoring_elements 0.31476
published_at 2026-04-11T12:55:00Z
4
value 0.00123
scoring_system epss
scoring_elements 0.31472
published_at 2026-04-09T12:55:00Z
5
value 0.00123
scoring_system epss
scoring_elements 0.31571
published_at 2026-04-04T12:55:00Z
6
value 0.00123
scoring_system epss
scoring_elements 0.31528
published_at 2026-04-02T12:55:00Z
7
value 0.00123
scoring_system epss
scoring_elements 0.31433
published_at 2026-04-12T12:55:00Z
8
value 0.00123
scoring_system epss
scoring_elements 0.31388
published_at 2026-04-07T12:55:00Z
9
value 0.00123
scoring_system epss
scoring_elements 0.31441
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-52168
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52168
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52168
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://www.openwall.com/lists/oss-security/2024/07/03/10
reference_id 10
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T19:17:52Z/
url https://www.openwall.com/lists/oss-security/2024/07/03/10
4
reference_url http://www.openwall.com/lists/oss-security/2024/07/03/10
reference_id 10
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T19:17:52Z/
url http://www.openwall.com/lists/oss-security/2024/07/03/10
5
reference_url https://sourceforge.net/p/sevenzip/bugs/2402/
reference_id 2402
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T19:17:52Z/
url https://sourceforge.net/p/sevenzip/bugs/2402/
6
reference_url https://usn.ubuntu.com/7438-1/
reference_id USN-7438-1
reference_type
scores
url https://usn.ubuntu.com/7438-1/
7
reference_url https://dfir.ru/2024/06/19/vulnerabilities-in-7-zip-and-ntfs3/
reference_id vulnerabilities-in-7-zip-and-ntfs3
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-11T19:17:52Z/
url https://dfir.ru/2024/06/19/vulnerabilities-in-7-zip-and-ntfs3/
fixed_packages
0
url pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-3%3Fdistro=trixie
1
url pkg:deb/debian/7zip@22.01%2Bdfsg-8%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/7zip@22.01%2Bdfsg-8%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6qgu-7h5h-1bed
1
vulnerability VCID-6xnz-5ctc-fkbk
2
vulnerability VCID-ne48-dtxr-2ybq
3
vulnerability VCID-pgke-8ce4-uybu
4
vulnerability VCID-q99c-7ggg-wyep
5
vulnerability VCID-rnzv-mnjr-rfby
6
vulnerability VCID-ymuu-t8yt-4kbk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@22.01%252Bdfsg-8%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/7zip@24.05%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/7zip@24.05%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@24.05%252Bdfsg-1%3Fdistro=trixie
3
url pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1%3Fdistro=trixie
4
url pkg:deb/debian/7zip@26.00%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg-4%3Fdistro=trixie
5
url pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-2%3Fdistro=trixie
aliases CVE-2023-52168
risk_score 3.8
exploitability 0.5
weighted_severity 7.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hgkj-wq8u-q3eh
5
url VCID-ne48-dtxr-2ybq
vulnerability_id VCID-ne48-dtxr-2ybq
summary 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of symbolic links in ZIP files. Crafted data in a ZIP file can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of a service account. Was ZDI-CAN-26743.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-11002
reference_id
reference_type
scores
0
value 0.00127
scoring_system epss
scoring_elements 0.32072
published_at 2026-04-18T12:55:00Z
1
value 0.00127
scoring_system epss
scoring_elements 0.32183
published_at 2026-04-02T12:55:00Z
2
value 0.00127
scoring_system epss
scoring_elements 0.32092
published_at 2026-04-12T12:55:00Z
3
value 0.00127
scoring_system epss
scoring_elements 0.32061
published_at 2026-04-13T12:55:00Z
4
value 0.00127
scoring_system epss
scoring_elements 0.32095
published_at 2026-04-16T12:55:00Z
5
value 0.00127
scoring_system epss
scoring_elements 0.32221
published_at 2026-04-04T12:55:00Z
6
value 0.00127
scoring_system epss
scoring_elements 0.32046
published_at 2026-04-07T12:55:00Z
7
value 0.00127
scoring_system epss
scoring_elements 0.32097
published_at 2026-04-08T12:55:00Z
8
value 0.00127
scoring_system epss
scoring_elements 0.32126
published_at 2026-04-09T12:55:00Z
9
value 0.00127
scoring_system epss
scoring_elements 0.3213
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-11002
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11002
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11002
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://www.zerodayinitiative.com/advisories/ZDI-25-950/
reference_id ZDI-25-950
reference_type
scores
0
value 7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-24T04:55:26Z/
url https://www.zerodayinitiative.com/advisories/ZDI-25-950/
fixed_packages
0
url pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-3%3Fdistro=trixie
1
url pkg:deb/debian/7zip@25.00%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/7zip@25.00%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.00%252Bdfsg-1%3Fdistro=trixie
2
url pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1%3Fdistro=trixie
3
url pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-2%3Fdistro=trixie
aliases CVE-2025-11002
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ne48-dtxr-2ybq
6
url VCID-pgke-8ce4-uybu
vulnerability_id VCID-pgke-8ce4-uybu
summary 7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of symbolic links in ZIP files. Crafted data in a ZIP file can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of a service account. Was ZDI-CAN-26753.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-11001
reference_id
reference_type
scores
0
value 0.00216
scoring_system epss
scoring_elements 0.4419
published_at 2026-04-04T12:55:00Z
1
value 0.00216
scoring_system epss
scoring_elements 0.44167
published_at 2026-04-02T12:55:00Z
2
value 0.00216
scoring_system epss
scoring_elements 0.44174
published_at 2026-04-08T12:55:00Z
3
value 0.00216
scoring_system epss
scoring_elements 0.44123
published_at 2026-04-07T12:55:00Z
4
value 0.00231
scoring_system epss
scoring_elements 0.46015
published_at 2026-04-18T12:55:00Z
5
value 0.00231
scoring_system epss
scoring_elements 0.45959
published_at 2026-04-12T12:55:00Z
6
value 0.00231
scoring_system epss
scoring_elements 0.45966
published_at 2026-04-13T12:55:00Z
7
value 0.00231
scoring_system epss
scoring_elements 0.46019
published_at 2026-04-16T12:55:00Z
8
value 0.00231
scoring_system epss
scoring_elements 0.45963
published_at 2026-04-09T12:55:00Z
9
value 0.00231
scoring_system epss
scoring_elements 0.45987
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-11001
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11001
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11001
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/52501.py
reference_id CVE-2025-11001
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/52501.py
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-25-949/
reference_id ZDI-25-949
reference_type
scores
0
value 7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-21T05:02:06Z/
url https://www.zerodayinitiative.com/advisories/ZDI-25-949/
fixed_packages
0
url pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-3%3Fdistro=trixie
1
url pkg:deb/debian/7zip@25.00%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/7zip@25.00%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.00%252Bdfsg-1%3Fdistro=trixie
2
url pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1%3Fdistro=trixie
3
url pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-2%3Fdistro=trixie
aliases CVE-2025-11001
risk_score 8.4
exploitability 2.0
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pgke-8ce4-uybu
7
url VCID-q99c-7ggg-wyep
vulnerability_id VCID-q99c-7ggg-wyep
summary Ppmd7.c in 7-Zip before 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-31102
reference_id
reference_type
scores
0
value 0.38378
scoring_system epss
scoring_elements 0.97218
published_at 2026-04-04T12:55:00Z
1
value 0.38378
scoring_system epss
scoring_elements 0.97213
published_at 2026-04-02T12:55:00Z
2
value 0.38378
scoring_system epss
scoring_elements 0.97245
published_at 2026-04-18T12:55:00Z
3
value 0.38378
scoring_system epss
scoring_elements 0.97243
published_at 2026-04-16T12:55:00Z
4
value 0.38378
scoring_system epss
scoring_elements 0.97235
published_at 2026-04-13T12:55:00Z
5
value 0.38378
scoring_system epss
scoring_elements 0.97234
published_at 2026-04-12T12:55:00Z
6
value 0.38378
scoring_system epss
scoring_elements 0.97233
published_at 2026-04-11T12:55:00Z
7
value 0.38378
scoring_system epss
scoring_elements 0.9723
published_at 2026-04-09T12:55:00Z
8
value 0.38378
scoring_system epss
scoring_elements 0.97229
published_at 2026-04-08T12:55:00Z
9
value 0.38378
scoring_system epss
scoring_elements 0.97219
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-31102
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31102
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31102
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269/
reference_id 713c8a8269
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-06T13:42:37Z/
url https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269/
4
reference_url https://www.7-zip.org/download.html
reference_id download.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-06T13:42:37Z/
url https://www.7-zip.org/download.html
5
reference_url https://ds-security.com/post/integer-overflow-in-7-zip-cve-2023-31102/
reference_id integer-overflow-in-7-zip-cve-2023-31102
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-06T13:42:37Z/
url https://ds-security.com/post/integer-overflow-in-7-zip-cve-2023-31102/
6
reference_url https://security.netapp.com/advisory/ntap-20231110-0007/
reference_id ntap-20231110-0007
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-06T13:42:37Z/
url https://security.netapp.com/advisory/ntap-20231110-0007/
7
reference_url https://www.zerodayinitiative.com/advisories/ZDI-23-1165/
reference_id ZDI-23-1165
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-06T13:42:37Z/
url https://www.zerodayinitiative.com/advisories/ZDI-23-1165/
fixed_packages
0
url pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-3%3Fdistro=trixie
1
url pkg:deb/debian/7zip@23.01%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/7zip@23.01%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@23.01%252Bdfsg-1%3Fdistro=trixie
2
url pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1%3Fdistro=trixie
3
url pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-2%3Fdistro=trixie
aliases CVE-2023-31102
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q99c-7ggg-wyep
8
url VCID-rnzv-mnjr-rfby
vulnerability_id VCID-rnzv-mnjr-rfby
summary 7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the processing of streams. The issue results from a logic error that can lead to an infinite loop. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-24307.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-11612
reference_id
reference_type
scores
0
value 0.00171
scoring_system epss
scoring_elements 0.38371
published_at 2026-04-18T12:55:00Z
1
value 0.00171
scoring_system epss
scoring_elements 0.38368
published_at 2026-04-12T12:55:00Z
2
value 0.00171
scoring_system epss
scoring_elements 0.38344
published_at 2026-04-13T12:55:00Z
3
value 0.00171
scoring_system epss
scoring_elements 0.38391
published_at 2026-04-16T12:55:00Z
4
value 0.00171
scoring_system epss
scoring_elements 0.38442
published_at 2026-04-02T12:55:00Z
5
value 0.00171
scoring_system epss
scoring_elements 0.38466
published_at 2026-04-04T12:55:00Z
6
value 0.00171
scoring_system epss
scoring_elements 0.38331
published_at 2026-04-07T12:55:00Z
7
value 0.00171
scoring_system epss
scoring_elements 0.38381
published_at 2026-04-08T12:55:00Z
8
value 0.00171
scoring_system epss
scoring_elements 0.38389
published_at 2026-04-09T12:55:00Z
9
value 0.00171
scoring_system epss
scoring_elements 0.38406
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-11612
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11612
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11612
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://www.zerodayinitiative.com/advisories/ZDI-24-1606/
reference_id ZDI-24-1606
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T15:12:13Z/
url https://www.zerodayinitiative.com/advisories/ZDI-24-1606/
fixed_packages
0
url pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-3%3Fdistro=trixie
1
url pkg:deb/debian/7zip@24.08%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/7zip@24.08%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@24.08%252Bdfsg-1%3Fdistro=trixie
2
url pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1%3Fdistro=trixie
3
url pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-2%3Fdistro=trixie
aliases CVE-2024-11612
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rnzv-mnjr-rfby
9
url VCID-uebs-8u4d-3bd1
vulnerability_id VCID-uebs-8u4d-3bd1
summary The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains an out-of-bounds read that allows an attacker to read beyond the intended buffer. The bytes read beyond the intended buffer are presented as a part of a filename listed in the file system image. This has security relevance in some known web-service use cases where untrusted users can upload files and have them extracted by a server-side 7-Zip process.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-52169
reference_id
reference_type
scores
0
value 0.00175
scoring_system epss
scoring_elements 0.39076
published_at 2026-04-18T12:55:00Z
1
value 0.00175
scoring_system epss
scoring_elements 0.39106
published_at 2026-04-16T12:55:00Z
2
value 0.00175
scoring_system epss
scoring_elements 0.3905
published_at 2026-04-13T12:55:00Z
3
value 0.00286
scoring_system epss
scoring_elements 0.52131
published_at 2026-04-11T12:55:00Z
4
value 0.00286
scoring_system epss
scoring_elements 0.52079
published_at 2026-04-09T12:55:00Z
5
value 0.00286
scoring_system epss
scoring_elements 0.52063
published_at 2026-04-04T12:55:00Z
6
value 0.00286
scoring_system epss
scoring_elements 0.52037
published_at 2026-04-02T12:55:00Z
7
value 0.00286
scoring_system epss
scoring_elements 0.52114
published_at 2026-04-12T12:55:00Z
8
value 0.00286
scoring_system epss
scoring_elements 0.52028
published_at 2026-04-07T12:55:00Z
9
value 0.00286
scoring_system epss
scoring_elements 0.52083
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-52169
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52169
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52169
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://www.openwall.com/lists/oss-security/2024/07/03/10
reference_id 10
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-21T16:47:13Z/
url https://www.openwall.com/lists/oss-security/2024/07/03/10
4
reference_url http://www.openwall.com/lists/oss-security/2024/07/03/10
reference_id 10
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-21T16:47:13Z/
url http://www.openwall.com/lists/oss-security/2024/07/03/10
5
reference_url https://sourceforge.net/p/sevenzip/bugs/2402/
reference_id 2402
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-21T16:47:13Z/
url https://sourceforge.net/p/sevenzip/bugs/2402/
6
reference_url https://usn.ubuntu.com/7438-1/
reference_id USN-7438-1
reference_type
scores
url https://usn.ubuntu.com/7438-1/
7
reference_url https://dfir.ru/2024/06/19/vulnerabilities-in-7-zip-and-ntfs3/
reference_id vulnerabilities-in-7-zip-and-ntfs3
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-21T16:47:13Z/
url https://dfir.ru/2024/06/19/vulnerabilities-in-7-zip-and-ntfs3/
fixed_packages
0
url pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-3%3Fdistro=trixie
1
url pkg:deb/debian/7zip@22.01%2Bdfsg-8%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/7zip@22.01%2Bdfsg-8%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-6qgu-7h5h-1bed
1
vulnerability VCID-6xnz-5ctc-fkbk
2
vulnerability VCID-ne48-dtxr-2ybq
3
vulnerability VCID-pgke-8ce4-uybu
4
vulnerability VCID-q99c-7ggg-wyep
5
vulnerability VCID-rnzv-mnjr-rfby
6
vulnerability VCID-ymuu-t8yt-4kbk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@22.01%252Bdfsg-8%252Bdeb12u1%3Fdistro=trixie
2
url pkg:deb/debian/7zip@24.05%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/7zip@24.05%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@24.05%252Bdfsg-1%3Fdistro=trixie
3
url pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1%3Fdistro=trixie
4
url pkg:deb/debian/7zip@26.00%2Bdfsg-4?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg-4%3Fdistro=trixie
5
url pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-2%3Fdistro=trixie
aliases CVE-2023-52169
risk_score 3.7
exploitability 0.5
weighted_severity 7.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uebs-8u4d-3bd1
10
url VCID-ymuu-t8yt-4kbk
vulnerability_id VCID-ymuu-t8yt-4kbk
summary 7-Zip before 25.01 does not always properly handle symbolic links during extraction.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-55188
reference_id
reference_type
scores
0
value 0.00036
scoring_system epss
scoring_elements 0.10461
published_at 2026-04-07T12:55:00Z
1
value 0.00036
scoring_system epss
scoring_elements 0.10529
published_at 2026-04-02T12:55:00Z
2
value 0.00036
scoring_system epss
scoring_elements 0.10601
published_at 2026-04-09T12:55:00Z
3
value 0.00036
scoring_system epss
scoring_elements 0.10535
published_at 2026-04-08T12:55:00Z
4
value 0.00036
scoring_system epss
scoring_elements 0.10599
published_at 2026-04-04T12:55:00Z
5
value 0.00036
scoring_system epss
scoring_elements 0.10597
published_at 2026-04-12T12:55:00Z
6
value 0.00036
scoring_system epss
scoring_elements 0.1063
published_at 2026-04-11T12:55:00Z
7
value 0.00039
scoring_system epss
scoring_elements 0.11519
published_at 2026-04-18T12:55:00Z
8
value 0.00039
scoring_system epss
scoring_elements 0.11516
published_at 2026-04-16T12:55:00Z
9
value 0.00039
scoring_system epss
scoring_elements 0.1166
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-55188
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55188
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55188
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://www.openwall.com/lists/oss-security/2025/08/09/1
reference_id 1
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/
url https://www.openwall.com/lists/oss-security/2025/08/09/1
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111068
reference_id 1111068
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111068
5
reference_url https://github.com/ip7z/7zip/compare/25.00...25.01
reference_id 25.00...25.01
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/
url https://github.com/ip7z/7zip/compare/25.00...25.01
6
reference_url https://github.com/ip7z/7zip/releases/tag/25.01
reference_id 25.01
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/
url https://github.com/ip7z/7zip/releases/tag/25.01
7
reference_url https://lunbun.dev/blog/cve-2025-55188/
reference_id cve-2025-55188
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/
url https://lunbun.dev/blog/cve-2025-55188/
8
reference_url https://github.com/lunbun/CVE-2025-55188/
reference_id CVE-2025-55188
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/
url https://github.com/lunbun/CVE-2025-55188/
9
reference_url https://www.vicarius.io/vsociety/posts/cve-2025-55188-detect-7-zip-vulnerable-version
reference_id cve-2025-55188-detect-7-zip-vulnerable-version
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/
url https://www.vicarius.io/vsociety/posts/cve-2025-55188-detect-7-zip-vulnerable-version
10
reference_url https://www.vicarius.io/vsociety/posts/cve-2025-55188-mitigate-7-zip-vulnerability
reference_id cve-2025-55188-mitigate-7-zip-vulnerability
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/
url https://www.vicarius.io/vsociety/posts/cve-2025-55188-mitigate-7-zip-vulnerability
11
reference_url https://sourceforge.net/p/sevenzip/discussion/45797/thread/da14cd780b/
reference_id da14cd780b
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/
url https://sourceforge.net/p/sevenzip/discussion/45797/thread/da14cd780b/
12
reference_url https://youtu.be/sWT6M1cfnwM
reference_id sWT6M1cfnwM
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/
url https://youtu.be/sWT6M1cfnwM
fixed_packages
0
url pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-3%3Fdistro=trixie
1
url pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
purl pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1%3Fdistro=trixie
2
url pkg:deb/debian/7zip@25.01%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/7zip@25.01%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1%3Fdistro=trixie
3
url pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
purl pkg:deb/debian/7zip@26.00%2Bdfsg1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@26.00%252Bdfsg1-2%3Fdistro=trixie
aliases CVE-2025-55188
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ymuu-t8yt-4kbk
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1%3Fdistro=trixie