7-Zip 22.01 DoS via Invalid xz Files (Block Flags/Reserved Bits)
CVE-2022-47111 Published on April 19, 2025
7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected.
Weakness Type
Improper Check for Unusual or Exceptional Conditions
The software does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.
Products Associated with CVE-2022-47111
Want to know whenever a new CVE is published for 7Zip 7 Zip? stack.watch will email you.
Affected Versions
7-Zip Version 22.01 is affected by CVE-2022-47111Exploit Probability
EPSS
0.08%
Percentile
24.12%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.