CVE-2019-20021

A heap-based buffer over-read was discovered in canUnpack in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
Configurations

Configuration 1 (hide)

cpe:2.3:a:upx:upx:3.95:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

History

11 Apr 2025, 12:27

Type Values Removed Values Added
First Time Upx
Upx upx
CPE cpe:2.3:a:upx_project:upx:3.95:*:*:*:*:*:*:* cpe:2.3:a:upx:upx:3.95:*:*:*:*:*:*:*

Information

Published : 2019-12-27 02:15

Updated : 2025-04-11 12:27


NVD link : CVE-2019-20021

Mitre link : CVE-2019-20021

CVE.ORG link : CVE-2019-20021


JSON object : View

Products Affected

fedoraproject

  • fedora

upx

  • upx
CWE
CWE-125

Out-of-bounds Read