Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.5
CVSSv3

CVE-2019-20053

Published: 27/12/2019 Updated: 01/01/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Upx

Vulnerability Summary

An invalid memory address dereference exists in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

upx project upx 3.95

opensuse backports sle-15

opensuse leap 15.1

Vendor Advisories

Debian CVElist Bug Report Logs: upx-ucl: CVE-2019-20021 CVE-2019-20053
Debian Bug report logs - #947471 upx-ucl: CVE-2019-20021 CVE-2019-20053 Package: src:upx-ucl; Maintainer for src:upx-ucl is Robert Luberda <robert@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 27 Dec 2019 13:39:02 UTC Severity: normal Tags: security, upstream Found in versions upx-ucl ...

References

CWE-119https://github.com/upx/upx/issues/314http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-02/msg00007.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947471https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAPCVE-2024-4367server-side request forgeryinformation disclosureCVE-2024-34342CVE-2024-4281CVE-2024-3507CVE-2024-25560CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook