FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

7-Zip -- Multi-byte write heap buffer overflow in NCompress::NRar5::CDecoder

Affected packages
7-zip < 25.00

Details

VuXML ID 80411ba2-6729-11f0-a5cb-8c164580114f
Discovery 2025-07-17
Entry 2025-07-22

security-advisories@github.com reports:

7-Zip is a file archiver with a high compression ratio. Zeroes written outside heap buffer in RAR5 handler may lead to memory corruption and denial of service in versions of 7-Zip prior to 25.0.0. Version 25.0.0 contains a fix for the issue.

[source]

References

CVE Name CVE-2025-53816
URL https://nvd.nist.gov/vuln/detail/CVE-2025-53816

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.