Upx
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Upx.
By the Year
In 2025 there have been 1 vulnerability in Upx with an average score of 5.5 out of ten. Last year, in 2024 Upx had 1 security vulnerability published. At the current rates, it appears that the number of vulnerabilities last year and this year may equal out. Last year, the average CVE base score was greater by 4.30
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 1 | 5.50 |
| 2024 | 1 | 9.80 |
| 2023 | 10 | 7.00 |
| 2022 | 10 | 6.42 |
| 2021 | 4 | 6.75 |
| 2020 | 1 | 5.50 |
| 2019 | 5 | 5.96 |
| 2018 | 1 | 7.80 |
It may take a day or so for new Upx vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Upx Security Vulnerabilities
Heap Buffer Overflow in UPX <=5.0.0 (PackLinuxElf64::un_DT_INIT)
CVE-2025-2849
5.5 - Medium
- March 27, 2025
A vulnerability, which was classified as problematic, was found in UPX up to 5.0.0. Affected is the function PackLinuxElf64::un_DT_INIT of the file src/p_lx_elf.cpp. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The patch is identified as e0b6ff192412f5bb5364c1948f4f6b27a0cd5ea2. It is recommended to apply a patch to fix this issue.
Memory Corruption
UPX<4.2.2 Heap OOB via get_ne64 (bele.h) critical
CVE-2024-3209
9.8 - Critical
- April 02, 2024
A vulnerability was found in UPX up to 4.2.2. It has been rated as critical. This issue affects the function get_ne64 of the file bele.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259055. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Reachable Assertion vulnerability in upx before 4.0.0
CVE-2021-46179
6.5 - Medium
- August 22, 2023
Reachable Assertion vulnerability in upx before 4.0.0 allows attackers to cause a denial of service via crafted file passed to the the readx function.
assertion failure
A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32()
CVE-2021-43315
7.5 - High
- March 24, 2023
A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5349
Memory Corruption
A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32()
CVE-2021-43317
7.5 - High
- March 24, 2023
A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf64::elf_lookup() at p_lx_elf.cpp:5404
Memory Corruption
A heap-based buffer overflow was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32()
CVE-2021-43311
7.5 - High
- March 24, 2023
A heap-based buffer overflow was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5382.
Memory Corruption
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address
CVE-2021-43312
7.5 - High
- March 24, 2023
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf64::invert_pt_dynamic at p_lx_elf.cpp:5239.
Memory Corruption
A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32()
CVE-2021-43314
7.5 - High
- March 24, 2023
A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5368
Memory Corruption
A heap-based buffer overflow was discovered in upx
CVE-2021-43316
7.5 - High
- March 24, 2023
A heap-based buffer overflow was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le64().
Memory Corruption
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address
CVE-2021-43313
7.5 - High
- March 24, 2023
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf32::invert_pt_dynamic at p_lx_elf.cpp:1688.
Memory Corruption
A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file
CVE-2023-23456
5.5 - Medium
- January 12, 2023
A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file.
Memory Corruption
A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp
CVE-2023-23457
5.5 - Medium
- January 12, 2023
A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service.
Buffer Overflow
A heap-based buffer over-read was discovered in the get_le64 function in bele.h in UPX 4.0.0
CVE-2020-27801
7.8 - High
- August 25, 2022
A heap-based buffer over-read was discovered in the get_le64 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
Out-of-bounds Read
A heap-based buffer over-read was discovered in the invert_pt_dynamic function in p_lx_elf.cpp in UPX 4.0.0
CVE-2020-27796
7.8 - High
- August 25, 2022
A heap-based buffer over-read was discovered in the invert_pt_dynamic function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
Out-of-bounds Read
An invalid memory address reference was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0
CVE-2020-27797
5.5 - Medium
- August 25, 2022
An invalid memory address reference was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
Release of Invalid Pointer or Reference
A heap-based buffer over-read was discovered in the acc_ua_get_be32 function in miniacc.h in UPX 4.0.0
CVE-2020-27799
7.8 - High
- August 25, 2022
A heap-based buffer over-read was discovered in the acc_ua_get_be32 function in miniacc.h in UPX 4.0.0 via a crafted Mach-O file.
Out-of-bounds Read
An floating point exception was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0
CVE-2020-27802
5.5 - Medium
- August 25, 2022
An floating point exception was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
Divide By Zero
A heap-based buffer over-read was discovered in the get_le32 function in bele.h in UPX 4.0.0
CVE-2020-27800
7.8 - High
- August 25, 2022
A heap-based buffer over-read was discovered in the get_le32 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
Out-of-bounds Read
An invalid memory address reference was discovered in the adjABS function in p_lx_elf.cpp in UPX 4.0.0
CVE-2020-27798
5.5 - Medium
- August 25, 2022
An invalid memory address reference was discovered in the adjABS function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
Release of Invalid Pointer or Reference
An out-of-bounds read access vulnerability was discovered in UPX in PackLinuxElf64::canPack() function of p_lx_elf.cpp file
CVE-2020-27788
5.5 - Medium
- August 18, 2022
An out-of-bounds read access vulnerability was discovered in UPX in PackLinuxElf64::canPack() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service.
Out-of-bounds Read
A Segmentaation fault was found in UPX in invert_pt_dynamic() function in p_lx_elf.cpp
CVE-2020-27787
5.5 - Medium
- August 18, 2022
A Segmentaation fault was found in UPX in invert_pt_dynamic() function in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service.
A floating point exception issue was discovered in UPX in PackLinuxElf64::invert_pt_dynamic() function of p_lx_elf.cpp file
CVE-2020-27790
5.5 - Medium
- August 18, 2022
A floating point exception issue was discovered in UPX in PackLinuxElf64::invert_pt_dynamic() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service. The highest impact is to Availability.
Divide By Zero
An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0
CVE-2021-30501
5.5 - Medium
- May 27, 2021
An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via a crafted file.
assertion failure
Null pointer dereference was found in upx PackLinuxElf::canUnpack() in p_lx_elf.cpp,in version UPX 4.0.0
CVE-2021-30500
7.8 - High
- May 27, 2021
Null pointer dereference was found in upx PackLinuxElf::canUnpack() in p_lx_elf.cpp,in version UPX 4.0.0. That allow attackers to execute arbitrary code and cause a denial of service via a crafted file.
NULL Pointer Dereference
A heap buffer overflow read was discovered in upx 4.0.0
CVE-2020-24119
7.1 - High
- May 14, 2021
A heap buffer overflow read was discovered in upx 4.0.0, because the check in p_lx_elf.cpp is not perfect.
Out-of-bounds Read
A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96
CVE-2021-20285
6.6 - Medium
- March 26, 2021
A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw allows attackers to cause a denial of service (SEGV or buffer overflow and application crash) or possibly have unspecified other impacts via a crafted ELF. The highest threat from this vulnerability is to system availability.
Memory Corruption
p_lx_elf.cpp in UPX before 3.96 has an integer overflow during unpacking
CVE-2019-20805
5.5 - Medium
- June 01, 2020
p_lx_elf.cpp in UPX before 3.96 has an integer overflow during unpacking via crafted values in a PT_DYNAMIC segment.
Integer Overflow or Wraparound
An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95
CVE-2019-20053
5.5 - Medium
- December 27, 2019
An invalid memory address dereference was discovered in the canUnpack function in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
Buffer Overflow
A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95
CVE-2019-20051
5.5 - Medium
- December 27, 2019
A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95. The vulnerability causes an application crash, which leads to denial of service.
Incorrect Calculation
A heap-based buffer over-read was discovered in canUnpack in p_mach.cpp in UPX 3.95
CVE-2019-20021
5.5 - Medium
- December 27, 2019
A heap-based buffer over-read was discovered in canUnpack in p_mach.cpp in UPX 3.95 via a crafted Mach-O file.
Out-of-bounds Read
canUnpack in p_vmlinx.cpp in UPX 3.95
CVE-2019-14296
7.8 - High
- July 27, 2019
canUnpack in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (SEGV or buffer overflow, and application crash) or possibly have unspecified other impact via a crafted UPX packed file.
Buffer Overflow
An Integer overflow in the getElfSections function in p_vmlinx.cpp in UPX 3.95
CVE-2019-14295
5.5 - Medium
- July 27, 2019
An Integer overflow in the getElfSections function in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an allocation of excessive memory.
Integer Overflow or Wraparound
PackLinuxElf64::unpack in p_lx_elf.cpp in UPX 3.95
CVE-2018-11243
7.8 - High
- May 18, 2018
PackLinuxElf64::unpack in p_lx_elf.cpp in UPX 3.95 allows remote attackers to cause a denial of service (double free), limit the ability of a malware scanner to operate on the entire original data, or possibly have unspecified other impact via a crafted file.
Double-free
p_mach.cpp in UPX 3.94
CVE-2017-16869
7.8 - High
- November 17, 2017
p_mach.cpp in UPX 3.94 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted Mach-O file, related to canPack and unpack functions. NOTE: the vendor has stated "there is no security implication whatsoever.
Buffer Overflow
p_lx_elf.cpp in UPX 3.94 mishandles ELF headers, which
CVE-2017-15056
7.8 - High
- October 06, 2017
p_lx_elf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack().
NULL Pointer Dereference
