New assessment for topic: CVE-2024-11477
Topic description: "7-Zip Zstandard Decompression Integer Underflow Remote Code Execution Vulnerability ..."
"This vulnerability was [introduced](https://github.com/ip7z/7zip/commits/main/C/ZstdDec.c) into 7zip in version 24.05 (released circa May 15, 2024), and then [fixed](https://github.com/ip7z/7zip/commit/a7a1d4a241492e81f659a920f7379c193593ebc6#diff-896855d0e24931a930fa2e2a5e6c4a92d3589a70c1f8436d76e0f3c673888624R1313) in version 24.07 (released circa June 19, 2024), so therefore the vulnerability was only present in two releases over a 1 month period ..."
Link:
https://attackerkb.com/assessments/8eb9f1f7-057b-4b6e-943f-d26f65249edf