A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func getle32(). The problem is essentially caused in PackLinuxElf32::elflookup() at plxelf.cpp:5349
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-43315.json"