Information on source package upx-ucl

Available versions

Release	Version
buster	3.95-1
bullseye	3.96-2
bookworm	3.96-3
sid	3.96-3

Open issues

Bug	buster	bullseye	bookworm	sid	Description
CVE-2023-23456	vulnerable (no DSA)	vulnerable	vulnerable	vulnerable	A heap-based buffer overflow issue was discovered in UPX in PackTmt::p ...

Open unimportant issues

Bug	buster	bullseye	bookworm	sid	Description
CVE-2023-23457	vulnerable	vulnerable	vulnerable	vulnerable	A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dyn ...
CVE-2021-30501	vulnerable	vulnerable	vulnerable	vulnerable	An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in ...
CVE-2021-30500	vulnerable	vulnerable	vulnerable	vulnerable	Null pointer dereference was found in upx PackLinuxElf::canUnpack() in ...
CVE-2021-20285	vulnerable	vulnerable	vulnerable	vulnerable	A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw ...
CVE-2020-27802	vulnerable	vulnerable	vulnerable	vulnerable	An floating point exception was discovered in the elf_lookup function ...
CVE-2020-27801	vulnerable	vulnerable	vulnerable	vulnerable	A heap-based buffer over-read was discovered in the get_le64 function ...
CVE-2020-27800	vulnerable	vulnerable	vulnerable	vulnerable	A heap-based buffer over-read was discovered in the get_le32 function ...
CVE-2020-27799	vulnerable	vulnerable	vulnerable	vulnerable	A heap-based buffer over-read was discovered in the acc_ua_get_be32 fu ...
CVE-2020-27798	vulnerable	vulnerable	vulnerable	vulnerable	An invalid memory address reference was discovered in the adjABS funct ...
CVE-2020-27797	vulnerable	vulnerable	vulnerable	vulnerable	An invalid memory address reference was discovered in the elf_lookup f ...
CVE-2020-27796	vulnerable	vulnerable	vulnerable	vulnerable	A heap-based buffer over-read was discovered in the invert_pt_dynamic ...
CVE-2020-27790	vulnerable	fixed	fixed	fixed	A floating point exception issue was discovered in UPX in PackLinuxElf ...
CVE-2020-27788	vulnerable	fixed	fixed	fixed	An out-of-bounds read access vulnerability was discovered in UPX in Pa ...
CVE-2020-27787	vulnerable	fixed	fixed	fixed	A Segmentaation fault was found in UPX in invert_pt_dynamic() function ...
CVE-2020-24119	vulnerable	vulnerable	vulnerable	vulnerable	A heap buffer overflow read was discovered in upx 4.0.0, because the c ...
CVE-2019-20805	vulnerable	fixed	fixed	fixed	p_lx_elf.cpp in UPX before 3.96 has an integer overflow during unpacki ...
CVE-2019-20053	vulnerable	fixed	fixed	fixed	An invalid memory address dereference was discovered in the canUnpack ...
CVE-2019-20051	vulnerable	fixed	fixed	fixed	A floating-point exception was discovered in PackLinuxElf::elf_hash in ...
CVE-2019-20021	vulnerable	fixed	fixed	fixed	A heap-based buffer over-read was discovered in canUnpack in p_mach.cp ...
CVE-2019-14296	vulnerable	fixed	fixed	fixed	canUnpack in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause ...
CVE-2019-14295	vulnerable	fixed	fixed	fixed	An Integer overflow in the getElfSections function in p_vmlinx.cpp in ...

Resolved issues

Bug	Description
CVE-2018-11243	PackLinuxElf64::unpack in p_lx_elf.cpp in UPX 3.95 allows remote attac ...
CVE-2017-16869	DISPUTED p_mach.cpp in UPX 3.94 allows remote attackers to cause ...
CVE-2017-15056	p_lx_elf.cpp in UPX 3.94 mishandles ELF headers, which allows remote a ...