CVE-2022-47112

Published: 04/19/2025 21:15:45

7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected.

LOW
CVSS v3: 2.5

Status

DocFilters Release	Package	State	Justification	Comment
0.0.0.1	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
25.3	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
25.2	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
25.1.1	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
25.1	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
24.4	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
24.4.0	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
24.3	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
24.2.1	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
24.2	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
24.1	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
23.3	7-zip (23.01)	Not Affected	Code Not Present	23.01 does not match CVE configuration.
23.2.1	7-zip (17.01)	Not Affected	Protected At Runtime	CVE does not included required value ‘lzma’
23.2	7-zip (17.01)	Not Affected	Protected At Runtime	CVE does not included required value ‘lzma’
23.1	7-zip (17.01)	Not Affected	Protected At Runtime	CVE does not included required value ‘lzma’
22.4	7-zip (17.01)	Not Affected	Protected At Runtime	CVE does not included required value ‘lzma’

Attack Complexity

HIGH

Attack Vector

LOCAL

Availability Impact

NONE

Base Score

2.5

Base Severity

LOW

Confidentiality Impact

NONE

Integrity Impact

LOW

Privileges Required

NONE

Scope

UNCHANGED

User Interaction

REQUIRED

Vector String

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

Version

3.1