<< Back
CVE Number Vulnerability Product Severity Date
CVE-2023-40481 7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 7-Zip High 30-05-2024

Technical Information

A remote code vulnerability in 7-Zip’s parsing of SQFS files due to improper validation of user-supplied data, which can allow to write past the end of an allocated buffer. This may allow an attacker to execute code in context of the current user.

Patch Release Date: May 07, 2023
Further information on this vulnerability is available at: CVE-2023-40481

Affected Software

7-Zip before version 23.0