Описание
A heap-based buffer over-read was discovered in the get_le64 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| upx-ucl | fixed | 4.2.2-1 | package |
Примечания
https://github.com/upx/upx/issues/394
https://github.com/upx/upx/commit/cc9ccdbbd12eb1fe2d926667d0427c63e95a0ca6
EPSS
Процентиль: 36%
0.00146
Низкий
Связанные уязвимости
CVSS3: 7.8
ubuntu
больше 3 лет назад
A heap-based buffer over-read was discovered in the get_le64 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
CVSS3: 7.8
nvd
больше 3 лет назад
A heap-based buffer over-read was discovered in the get_le64 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
CVSS3: 7.8
github
больше 3 лет назад
A heap-based buffer over-read was discovered in the get_le64 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
EPSS
Процентиль: 36%
0.00146
Низкий