CVE-2019-1010048 — Vulnetix

CVE-2019-1010048 PUBLISHED CVSS 8.600000381469727 HIGH

UPX 3.95 is affected by: Integer Overflow. The impact is: attacker can cause a denial of service. The component is: src/p_lx_elf.cpp PackLinuxElf32::PackLinuxElf32help1() Line 262. The attack vector is: the victim must open a specially crafted ELF file.

EPSS 0.24% · 64.0th percentile

Risk Scores

CVSS 4.0

8.600000381469727

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS Score

0.24%

64.0th percentile

Timeline

Jul 16, 2019 CVE Published
May 24, 2022 CVE Updated
Feb 8, 2024 EPSS Score
Feb 22, 2024 EPSS Score
Mar 7, 2024 EPSS Score
Mar 20, 2024 EPSS Score
Apr 3, 2024 EPSS Score
Apr 17, 2024 EPSS Score
May 1, 2024 EPSS Score
May 15, 2024 EPSS Score
May 29, 2024 EPSS Score
Jun 11, 2024 EPSS Score

References

https://nvd.nist.gov/vuln/detail/CVE-2019-1010048 advisory
https://github.com/upx/upx/pull/190 url

Open in Interactive Console →