Vulnerabilities > CVE-2021-46179 - Reachable Assertion vulnerability in UPX Project UPX

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

upx-project

CWE-617

NVD

Published: 2023-08-22

Updated: 2023-08-25

Summary

Reachable Assertion vulnerability in upx before 4.0.0 allows attackers to cause a denial of service via crafted file passed to the the readx function.

Vulnerable Configurations

Part	Description	Count
Application	Upx_Project UPX Project UPX 1.10 UPX Project UPX 1.11 UPX Project UPX 1.90 UPX Project UPX 1.91 UPX Project UPX 1.92 UPX Project UPX 1.93 UPX Project UPX 1.94 UPX Project UPX 1.95 UPX Project UPX 1.96 UPX Project UPX 2.00 UPX Project UPX 2.01 UPX Project UPX 2.90 UPX Project UPX 2.91 UPX Project UPX 2.92 UPX Project UPX 2.93 UPX Project UPX 3.00 UPX Project UPX 3.01 UPX Project UPX 3.02 UPX Project UPX 3.03 UPX Project UPX 3.04 UPX Project UPX 3.05 UPX Project UPX 3.06 UPX Project UPX 3.07 UPX Project UPX 3.08 UPX Project UPX 3.09 UPX Project UPX 3.91 UPX Project UPX 3.92 UPX Project UPX 3.93 UPX Project UPX 3.94 UPX Project UPX 3.95 UPX Project UPX 3.96	31

Common Weakness Enumeration (CWE)

CWE-617 - Reachable Assertion

References

https://github.com/upx/upx/issues/545