Nixpkgs Security Tracker

Login with GitHub
⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Dismissed
(browse all)
Permalink CVE-2023-23456
updated 1 year, 1 month ago by @LeSuisse Activity log
  • Created automatic suggestion 1 year, 1 month ago
  • @LeSuisse dismissed 1 year, 1 month ago
Upx: heap-buffer-overflow in packtmt::pack()

A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file.

Affected products

upx
  • *

Matching in nixpkgs

pkgs.upx

Ultimate Packer for eXecutables