BusyBox 1.31.0

CPE Details

BusyBox 1.31.0
busybox
busybox
1.31.0
2020-08-04
16h11 +00:00
2020-08-04
16h11 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:busybox:busybox:1.31.0:*:*:*:*:*:*:*

Informations

Vendor

busybox

Product

busybox

Version

1.31.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-48174 2023-08-21
22h00 +00:00		 There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.
9.8
Critical
CVE-2022-28391 2022-04-03
18h20 +00:00		 BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors.
8.8
High
CVE-2021-42374 2021-11-14
23h00 +00:00		 An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that
5.3
Medium
CVE-2021-42376 2021-11-14
23h00 +00:00		 A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input.
5.5
Medium
CVE-2021-42378 2021-11-14
23h00 +00:00		 A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function
7.2
High
CVE-2021-42379 2021-11-14
23h00 +00:00		 A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function
7.2
High
CVE-2021-42380 2021-11-14
23h00 +00:00		 A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function
7.2
High
CVE-2021-42381 2021-11-14
23h00 +00:00		 A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function
7.2
High
CVE-2021-42382 2021-11-14
23h00 +00:00		 A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function
7.2
High
CVE-2021-42384 2021-11-14
23h00 +00:00		 A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function
7.2
High
CVE-2021-42385 2021-11-14
23h00 +00:00		 A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
7.2
High
CVE-2021-42386 2021-11-14
23h00 +00:00		 A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function
7.2
High
CVE-2018-1000500 2018-06-26
14h00 +00:00		 Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-file".
8.1
High