Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to the generic pointer 'p' pointing to an inaccessible address in the getle64 function. Remediation Upgrade upx to version 4.2.1 or higher. References - GitHub Commit - GitHub Issue Credit: 14isnot40...