CVE-2021-46179

MEDIUM EPSS 36.2%

Published Aug 22, 20232y ago · Modified Jun 17, 20261w ago

6.5 CVSS 3.1

Medium

Published Aug 22, 2023 2y ago

Last Modified Jun 17, 2026 1w ago

Description

Reachable Assertion vulnerability in upx before 4.0.0 allows attackers to cause a denial of service via crafted file passed to the the readx function.

CVSS Details

Base Score

6.5

Exploitability

2.8

Impact

3.6

Vector string

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction Required

Scope Unchanged

Confidentiality None

Integrity None

Availability High

Threat Intelligence

EPSS Exploit Probability

36.2% percentile

Exploit & Patch Status

No Known Exploit

Patch Available

Weaknesses 1

CWE-617

Affected Products 1

Vendor	Product	Version	Range
upx	upx	*	<4.0.0

References 1

github.com https://github.com/upx/upx/issues/545

Issue TrackingPatch

Remediation

github.com https://github.com/upx/upx/issues/545

Issue TrackingPatch