CVE-2025-55188

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-55188
7-Zip before 25.01 does not always properly handle symbolic links during extraction.
CVSS

No CVSS.

References
Link Resource
https://github.com/ip7z/7zip/compare/25.00...25.01 Product
https://github.com/ip7z/7zip/releases/tag/25.01 Release Notes
https://lunbun.dev/blog/cve-2025-55188/
https://sourceforge.net/p/sevenzip/discussion/45797/thread/da14cd780b/ Product
https://www.openwall.com/lists/oss-security/2025/08/09/1
https://youtu.be/sWT6M1cfnwM
Configurations

Configuration 1 (hide)

cpe:2.3:a:7-zip:7-zip:*:*:*:*:*:*:*:*
History

18 Aug 2025, 17:15

Type Values Removed Values Added
References
  • () https://lunbun.dev/blog/cve-2025-55188/ -

18 Aug 2025, 04:15

Type Values Removed Values Added
References
  • () https://youtu.be/sWT6M1cfnwM -
  • () https://www.openwall.com/lists/oss-security/2025/08/09/1 -

14 Aug 2025, 17:28

Type Values Removed Values Added
First Time 7-zip
7-zip 7-zip
CPE cpe:2.3:a:7-zip:7-zip:*:*:*:*:*:*:*:*
References () https://github.com/ip7z/7zip/releases/tag/25.01 - () https://github.com/ip7z/7zip/releases/tag/25.01 - Release Notes
References () https://sourceforge.net/p/sevenzip/discussion/45797/thread/da14cd780b/ - () https://sourceforge.net/p/sevenzip/discussion/45797/thread/da14cd780b/ - Product
References () https://github.com/ip7z/7zip/compare/25.00...25.01 - () https://github.com/ip7z/7zip/compare/25.00...25.01 - Product

10 Aug 2025, 01:15

Type Values Removed Values Added
CWE CWE-59

08 Aug 2025, 21:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-08-08 21:15

Updated : 2025-08-18 17:15

NVD link : CVE-2025-55188

Mitre link : CVE-2025-55188

JSON object : View

Products Affected

7-zip

  • 7-zip
CWE

No CWE.