upx

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Extendable, high-performance executable packer for several executable formats
Version 4.2.4-1 [extra]

Open

Group Affected Fixed Severity Status Ticket
AVG-1676 3.96-2 Medium Vulnerable
Issue Group Severity Remote Type Description
CVE-2021-30501 AVG-1676 Low No Denial of service
An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via...
CVE-2021-30500 AVG-1676 Low No Denial of service
A null pointer dereference was found in upx PackLinuxElf::canUnpack() in p_lx_elf.cpp,in version UPX 4.0.0. That allow attackers to execute arbitrary code...
CVE-2021-20285 AVG-1676 Low No Denial of service
A security issue was found in upx canPack in p_lx_elf.cpp in UPX 3.96 that allows attackers to cause a denial of service (SEGV or buffer overflow, and...
CVE-2020-24119 AVG-1676 Medium No Information disclosure
A heap buffer overflow read was discovered in upx 3.96 because the check in p_lx_elf.cpp is not perfect.