CVE-2021-46179

Published: Aug 22, 2023Modified: Apr 11, 2025

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

Reachable Assertion vulnerability in upx before 4.0.0 allows attackers to cause a denial of service via crafted file passed to the the readx function.

Affected (1)

Products: Upx: Upx

Upx

1 product

Upx

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Upx Upx	Before 4.0.0

Related CWEs

CWE-617

Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

References (2)

https://github.com/upx/upx/issues/545

Source: cve@mitre.org

Issue TrackingPatch

https://github.com/upx/upx/issues/545

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatch

Timeline

No history available yet.