{"url":"http://public2.vulnerablecode.io/api/packages/1053981?format=json","purl":"pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1~bpo12%2B1","type":"deb","namespace":"debian","name":"7zip","version":"25.01+dfsg-1~deb13u1~bpo12+1","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96775?format=json","vulnerability_id":"VCID-6qgu-7h5h-1bed","summary":"7-Zip is a file archiver with a high compression ratio. 7-Zip supports extracting from Compound Documents. Prior to version 25.0.0, a null pointer dereference in the Compound handler may lead to denial of service. Version 25.0.0 contains a fix cor the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53817","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28258","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28247","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28305","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28107","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27917","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27995","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28193","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.2824","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.2795","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27891","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27975","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27887","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28181","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3146","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31406","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31591","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31495","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3149","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31549","published_at":"2026-04-02T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53435","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58861","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.58848","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53817"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.openwall.com/lists/oss-security/2025/07/18/2","reference_id":"2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-17T20:25:46Z/"}],"url":"https://www.openwall.com/lists/oss-security/2025/07/18/2"},{"reference_url":"https://securitylab.github.com/advisories/GHSL-2025-059_7-Zip/","reference_id":"GHSL-2025-059_7-Zip","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-17T20:25:46Z/"}],"url":"https://securitylab.github.com/advisories/GHSL-2025-059_7-Zip/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1089420?format=json","purl":"pkg:deb/debian/7zip@22.01%2Breally25.01%2Bdfsg-0%2Bdeb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@22.01%252Breally25.01%252Bdfsg-0%252Bdeb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/582720?format=json","purl":"pkg:deb/debian/7zip@24.09%2Bdfsg-8~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@24.09%252Bdfsg-8~bpo12%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1053981?format=json","purl":"pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1~bpo12%252B1"}],"aliases":["CVE-2025-53817"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qgu-7h5h-1bed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95689?format=json","vulnerability_id":"VCID-6xnz-5ctc-fkbk","summary":"7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.  The specific flaw exists within the parsing of SQFS files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18589.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-40481","reference_id":"","reference_type":"","scores":[{"value":"0.03353","scoring_system":"epss","scoring_elements":"0.87411","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03353","scoring_system":"epss","scoring_elements":"0.87405","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0431","scoring_system":"epss","scoring_elements":"0.88899","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0431","scoring_system":"epss","scoring_elements":"0.88845","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0431","scoring_system":"epss","scoring_elements":"0.8886","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0431","scoring_system":"epss","scoring_elements":"0.88862","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0431","scoring_system":"epss","scoring_elements":"0.8888","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0431","scoring_system":"epss","scoring_elements":"0.88885","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0431","scoring_system":"epss","scoring_elements":"0.88897","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0431","scoring_system":"epss","scoring_elements":"0.88904","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0431","scoring_system":"epss","scoring_elements":"0.88891","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0431","scoring_system":"epss","scoring_elements":"0.88903","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04325","scoring_system":"epss","scoring_elements":"0.88947","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04325","scoring_system":"epss","scoring_elements":"0.88969","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04325","scoring_system":"epss","scoring_elements":"0.88953","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04325","scoring_system":"epss","scoring_elements":"0.88939","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04325","scoring_system":"epss","scoring_elements":"0.88946","published_at":"2026-04-29T12:55:00Z"},{"value":"0.10538","scoring_system":"epss","scoring_elements":"0.93343","published_at":"2026-05-16T12:55:00Z"},{"value":"0.10538","scoring_system":"epss","scoring_elements":"0.93328","published_at":"2026-05-12T12:55:00Z"},{"value":"0.10538","scoring_system":"epss","scoring_elements":"0.93342","published_at":"2026-05-14T12:55:00Z"},{"value":"0.10538","scoring_system":"epss","scoring_elements":"0.93349","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-40481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40481"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269/","reference_id":"713c8a8269","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T19:54:59Z/"}],"url":"https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1164/","reference_id":"ZDI-23-1164","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T19:54:59Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1164/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1089420?format=json","purl":"pkg:deb/debian/7zip@22.01%2Breally25.01%2Bdfsg-0%2Bdeb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@22.01%252Breally25.01%252Bdfsg-0%252Bdeb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/582720?format=json","purl":"pkg:deb/debian/7zip@24.09%2Bdfsg-8~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@24.09%252Bdfsg-8~bpo12%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1053981?format=json","purl":"pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1~bpo12%252B1"}],"aliases":["CVE-2023-40481"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6xnz-5ctc-fkbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96442?format=json","vulnerability_id":"VCID-ne48-dtxr-2ybq","summary":"7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to exploit this vulnerability but attack vectors may vary depending on the implementation.  The specific flaw exists within the handling of symbolic links in ZIP files. Crafted data in a ZIP file can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of a service account. Was ZDI-CAN-26743.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11002","reference_id":"","reference_type":"","scores":[{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31618","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32183","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31521","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31592","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31602","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31511","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31619","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32221","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32046","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32097","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32126","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.3213","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32092","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32061","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32095","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32072","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.32045","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31879","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.31753","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00127","scoring_system":"epss","scoring_elements":"0.3167","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33777","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33701","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11002"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-25-950/","reference_id":"ZDI-25-950","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-24T04:55:26Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-25-950/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1089420?format=json","purl":"pkg:deb/debian/7zip@22.01%2Breally25.01%2Bdfsg-0%2Bdeb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@22.01%252Breally25.01%252Bdfsg-0%252Bdeb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/582720?format=json","purl":"pkg:deb/debian/7zip@24.09%2Bdfsg-8~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@24.09%252Bdfsg-8~bpo12%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1053981?format=json","purl":"pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1~bpo12%252B1"}],"aliases":["CVE-2025-11002"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ne48-dtxr-2ybq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96441?format=json","vulnerability_id":"VCID-pgke-8ce4-uybu","summary":"7-Zip ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. Interaction with this product is required to exploit this vulnerability but attack vectors may vary depending on the implementation.  The specific flaw exists within the handling of symbolic links in ZIP files. Crafted data in a ZIP file can cause the process to traverse to unintended directories. An attacker can leverage this vulnerability to execute code in the context of a service account. Was ZDI-CAN-26753.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11001","reference_id":"","reference_type":"","scores":[{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.4419","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44123","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44174","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44167","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45987","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45959","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45966","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46015","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46019","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45922","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45912","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45963","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49232","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49063","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49126","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49154","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49102","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49225","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49147","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50074","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50002","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11001","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11001"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/52501.py","reference_id":"CVE-2025-11001","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/52501.py"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-25-949/","reference_id":"ZDI-25-949","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-21T05:02:06Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-25-949/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1089420?format=json","purl":"pkg:deb/debian/7zip@22.01%2Breally25.01%2Bdfsg-0%2Bdeb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@22.01%252Breally25.01%252Bdfsg-0%252Bdeb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/582720?format=json","purl":"pkg:deb/debian/7zip@24.09%2Bdfsg-8~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@24.09%252Bdfsg-8~bpo12%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1053981?format=json","purl":"pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1~bpo12%252B1"}],"aliases":["CVE-2025-11001"],"risk_score":8.4,"exploitability":"2.0","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pgke-8ce4-uybu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95518?format=json","vulnerability_id":"VCID-q99c-7ggg-wyep","summary":"Ppmd7.c in 7-Zip before 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-31102","reference_id":"","reference_type":"","scores":[{"value":"0.38378","scoring_system":"epss","scoring_elements":"0.97229","published_at":"2026-04-08T12:55:00Z"},{"value":"0.38378","scoring_system":"epss","scoring_elements":"0.97213","published_at":"2026-04-02T12:55:00Z"},{"value":"0.38378","scoring_system":"epss","scoring_elements":"0.9726","published_at":"2026-05-07T12:55:00Z"},{"value":"0.38378","scoring_system":"epss","scoring_elements":"0.97256","published_at":"2026-05-05T12:55:00Z"},{"value":"0.38378","scoring_system":"epss","scoring_elements":"0.9725","published_at":"2026-04-29T12:55:00Z"},{"value":"0.38378","scoring_system":"epss","scoring_elements":"0.97248","published_at":"2026-04-26T12:55:00Z"},{"value":"0.38378","scoring_system":"epss","scoring_elements":"0.97245","published_at":"2026-04-18T12:55:00Z"},{"value":"0.38378","scoring_system":"epss","scoring_elements":"0.97243","published_at":"2026-04-16T12:55:00Z"},{"value":"0.38378","scoring_system":"epss","scoring_elements":"0.97235","published_at":"2026-04-13T12:55:00Z"},{"value":"0.38378","scoring_system":"epss","scoring_elements":"0.97234","published_at":"2026-04-12T12:55:00Z"},{"value":"0.38378","scoring_system":"epss","scoring_elements":"0.97233","published_at":"2026-04-11T12:55:00Z"},{"value":"0.38378","scoring_system":"epss","scoring_elements":"0.9723","published_at":"2026-04-09T12:55:00Z"},{"value":"0.38378","scoring_system":"epss","scoring_elements":"0.97218","published_at":"2026-04-04T12:55:00Z"},{"value":"0.38378","scoring_system":"epss","scoring_elements":"0.97219","published_at":"2026-04-07T12:55:00Z"},{"value":"0.5071","scoring_system":"epss","scoring_elements":"0.97883","published_at":"2026-05-16T12:55:00Z"},{"value":"0.5071","scoring_system":"epss","scoring_elements":"0.97871","published_at":"2026-05-09T12:55:00Z"},{"value":"0.5071","scoring_system":"epss","scoring_elements":"0.97872","published_at":"2026-05-11T12:55:00Z"},{"value":"0.5071","scoring_system":"epss","scoring_elements":"0.97875","published_at":"2026-05-12T12:55:00Z"},{"value":"0.5071","scoring_system":"epss","scoring_elements":"0.9788","published_at":"2026-05-14T12:55:00Z"},{"value":"0.5071","scoring_system":"epss","scoring_elements":"0.97882","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-31102"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31102","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31102"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269/","reference_id":"713c8a8269","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-06T13:42:37Z/"}],"url":"https://sourceforge.net/p/sevenzip/discussion/45797/thread/713c8a8269/"},{"reference_url":"https://www.7-zip.org/download.html","reference_id":"download.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-06T13:42:37Z/"}],"url":"https://www.7-zip.org/download.html"},{"reference_url":"https://ds-security.com/post/integer-overflow-in-7-zip-cve-2023-31102/","reference_id":"integer-overflow-in-7-zip-cve-2023-31102","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-06T13:42:37Z/"}],"url":"https://ds-security.com/post/integer-overflow-in-7-zip-cve-2023-31102/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20231110-0007/","reference_id":"ntap-20231110-0007","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-06T13:42:37Z/"}],"url":"https://security.netapp.com/advisory/ntap-20231110-0007/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1165/","reference_id":"ZDI-23-1165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-06T13:42:37Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1165/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1089420?format=json","purl":"pkg:deb/debian/7zip@22.01%2Breally25.01%2Bdfsg-0%2Bdeb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@22.01%252Breally25.01%252Bdfsg-0%252Bdeb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/582720?format=json","purl":"pkg:deb/debian/7zip@24.09%2Bdfsg-8~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@24.09%252Bdfsg-8~bpo12%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1053981?format=json","purl":"pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1~bpo12%252B1"}],"aliases":["CVE-2023-31102"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q99c-7ggg-wyep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95922?format=json","vulnerability_id":"VCID-rnzv-mnjr-rfby","summary":"7-Zip CopyCoder Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of 7-Zip. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.  The specific flaw exists within the processing of streams. The issue results from a logic error that can lead to an infinite loop. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-24307.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11612","reference_id":"","reference_type":"","scores":[{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.37991","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.37915","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38001","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38442","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38466","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38331","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38381","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38389","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38406","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38368","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38344","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38391","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38371","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38308","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.3815","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38128","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38033","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.3792","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64968","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64886","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64941","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64951","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-11612"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11612","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11612"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-24-1606/","reference_id":"ZDI-24-1606","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T15:12:13Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-24-1606/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1089420?format=json","purl":"pkg:deb/debian/7zip@22.01%2Breally25.01%2Bdfsg-0%2Bdeb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@22.01%252Breally25.01%252Bdfsg-0%252Bdeb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/582720?format=json","purl":"pkg:deb/debian/7zip@24.09%2Bdfsg-8~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@24.09%252Bdfsg-8~bpo12%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1053981?format=json","purl":"pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1~bpo12%252B1"}],"aliases":["CVE-2024-11612"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rnzv-mnjr-rfby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96801?format=json","vulnerability_id":"VCID-ymuu-t8yt-4kbk","summary":"7-Zip before 25.01 does not always properly handle symbolic links during extraction.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55188","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10599","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10529","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10597","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.1063","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10601","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10535","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.10461","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1166","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11643","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11519","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11516","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.1625","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16209","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16254","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18237","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17946","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18036","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18139","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18102","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18227","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19603","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19697","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55188"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55188","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55188"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.openwall.com/lists/oss-security/2025/08/09/1","reference_id":"1","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/"}],"url":"https://www.openwall.com/lists/oss-security/2025/08/09/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111068","reference_id":"1111068","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111068"},{"reference_url":"https://github.com/ip7z/7zip/compare/25.00...25.01","reference_id":"25.00...25.01","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/"}],"url":"https://github.com/ip7z/7zip/compare/25.00...25.01"},{"reference_url":"https://github.com/ip7z/7zip/releases/tag/25.01","reference_id":"25.01","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/"}],"url":"https://github.com/ip7z/7zip/releases/tag/25.01"},{"reference_url":"https://lunbun.dev/blog/cve-2025-55188/","reference_id":"cve-2025-55188","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/"}],"url":"https://lunbun.dev/blog/cve-2025-55188/"},{"reference_url":"https://github.com/lunbun/CVE-2025-55188/","reference_id":"CVE-2025-55188","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/"}],"url":"https://github.com/lunbun/CVE-2025-55188/"},{"reference_url":"https://www.vicarius.io/vsociety/posts/cve-2025-55188-detect-7-zip-vulnerable-version","reference_id":"cve-2025-55188-detect-7-zip-vulnerable-version","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/"}],"url":"https://www.vicarius.io/vsociety/posts/cve-2025-55188-detect-7-zip-vulnerable-version"},{"reference_url":"https://www.vicarius.io/vsociety/posts/cve-2025-55188-mitigate-7-zip-vulnerability","reference_id":"cve-2025-55188-mitigate-7-zip-vulnerability","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/"}],"url":"https://www.vicarius.io/vsociety/posts/cve-2025-55188-mitigate-7-zip-vulnerability"},{"reference_url":"https://sourceforge.net/p/sevenzip/discussion/45797/thread/da14cd780b/","reference_id":"da14cd780b","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/"}],"url":"https://sourceforge.net/p/sevenzip/discussion/45797/thread/da14cd780b/"},{"reference_url":"https://youtu.be/sWT6M1cfnwM","reference_id":"sWT6M1cfnwM","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-12T14:21:33Z/"}],"url":"https://youtu.be/sWT6M1cfnwM"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1089420?format=json","purl":"pkg:deb/debian/7zip@22.01%2Breally25.01%2Bdfsg-0%2Bdeb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@22.01%252Breally25.01%252Bdfsg-0%252Bdeb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/582720?format=json","purl":"pkg:deb/debian/7zip@24.09%2Bdfsg-8~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@24.09%252Bdfsg-8~bpo12%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1053981?format=json","purl":"pkg:deb/debian/7zip@25.01%2Bdfsg-1~deb13u1~bpo12%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1~bpo12%252B1"}],"aliases":["CVE-2025-55188"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ymuu-t8yt-4kbk"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/7zip@25.01%252Bdfsg-1~deb13u1~bpo12%252B1"}