CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-20051

A floating-point exception was discovered in PackLinuxElf::elf_hash in p_lx_elf.cpp in UPX 3.95. The vulnerability causes an application crash, which leads to denial of service.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.3%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

https://github.com/upx/upx/issues/313
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D7XU42G6MUQQXHWRP7DCF2JSIBOJ5GOO/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUTVSTXAFTD552NO2K2RIF6MDQEHP3BE/
https://github.com/upx/upx/issues/313
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D7XU42G6MUQQXHWRP7DCF2JSIBOJ5GOO/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EUTVSTXAFTD552NO2K2RIF6MDQEHP3BE/

Products affected by CVE-2019-20051

Upx » Upx » Version: 3.95

cpe:2.3:a:upx:upx:3.95
Fedoraproject » Fedora » Version: 30

cpe:2.3:o:fedoraproject:fedora:30
Fedoraproject » Fedora » Version: 31

cpe:2.3:o:fedoraproject:fedora:31

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-20051

Products

Pricing

Contact Us