VYPR

apk package

wolfi/upx

pkg:apk/wolfi/upx

Vulnerabilities (3)

  • CVE-2025-2849Mar 27, 2025
    affected < 5.0.1-r0fixed 5.0.1-r0

    A vulnerability, which was classified as problematic, was found in UPX up to 5.0.0. Affected is the function PackLinuxElf64::un_DT_INIT of the file src/p_lx_elf.cpp. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The e

  • CVE-2023-23457Jan 12, 2023
    affected < 0fixed 0

    A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service.

  • CVE-2023-23456Jan 12, 2023
    affected < 5.0.0-r0fixed 5.0.0-r0

    A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file.