Known Vulnerabilities for products from Busybox
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Busybox".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
CVE | Shortened Description | Severity | Publish Date | Last Modified |
---|---|---|---|---|
CVE-2023-39810 | An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal. | 7.8 - HIGH | 2023-08-28 | 2023-08-28 |
CVE-2022-48174 | There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, thi... | 9.8 - CRITICAL | 2023-08-22 | 2023-08-22 |
CVE-2021-42386 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk... | 7.2 - HIGH | 2021-11-15 | 2023-04-25 |
CVE-2021-42385 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk... | 7.2 - HIGH | 2021-11-15 | 2023-04-25 |
CVE-2021-42384 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk... | 7.2 - HIGH | 2021-11-15 | 2023-04-25 |
CVE-2021-42383 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk... | 7.2 - HIGH | 2021-11-15 | 2023-04-25 |
CVE-2021-42382 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk... | 7.2 - HIGH | 2021-11-15 | 2023-04-25 |
CVE-2021-42381 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk... | 7.2 - HIGH | 2021-11-15 | 2023-04-25 |
CVE-2021-42380 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk... | 7.2 - HIGH | 2021-11-15 | 2023-04-25 |
CVE-2021-42379 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk... | 7.2 - HIGH | 2021-11-15 | 2023-04-25 |
CVE-2021-42378 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk... | 7.2 - HIGH | 2021-11-15 | 2023-04-25 |
CVE-2021-42377 | An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when proc... | 9.8 - CRITICAL | 2021-11-15 | 2023-04-25 |
CVE-2021-42376 | A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due t... | 5.5 - MEDIUM | 2021-11-15 | 2023-04-25 |
CVE-2021-42375 | An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell... | 5.5 - MEDIUM | 2021-11-15 | 2023-04-25 |
CVE-2021-42374 | An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compr... | 5.3 - MEDIUM | 2021-11-15 | 2023-04-25 |
CVE-2021-42373 | A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page arg... | 5.5 - MEDIUM | 2021-11-15 | 2023-04-25 |
CVE-2021-28831 | decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant inv... | 7.5 - HIGH | 2021-03-19 | 2022-05-20 |
CVE-2019-13473 | TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imper... | 9.8 - CRITICAL | 2019-09-11 | 2023-09-05 |
CVE-2019-5747 | An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, cl... | 7.5 - HIGH | 2019-01-09 | 2022-10-29 |
CVE-2018-1000517 | BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vuln... | 9.8 - CRITICAL | 2018-06-26 | 2021-02-18 |
Known software with vulnerabilities from Busybox
Type | Vendor | Product | Version |
---|---|---|---|
Application | Busybox | Busybox | - |
Popular searches for "Busybox"

BusyBox4Collection of Unix tools in a single executable file
BusyBox

BusyBox Andy Shevchenko modprobe: add support for modprobe.blacklist=module1,module2,... Audun-Marius Gangst: lineedit: fix unicode characters in prompt Christian Eggers: shell: fix "read -d ''" behavior ip: add support for "noprefixroute" option ip address: add support for "valid lft" and "preferred lft" options chrt: support for musl C library Cristian Ionescu-Idbohrn: fix warning: label 'out1' defined but not used Denys Vlasenko: avoid using strtok - eliminates use of hidden global variable use write str functions where appropriate fixes for Hurd build move ADJTIME PATH define to header files examples: remove /sbin/ prefixes, system should be configured with $PATH to find utilities build system: combat gcc zealotry in data alignment build system: make -static-libgcc selectable in config libbb: add and use infrastructure for fixed page size optimization libbb: bb do delay 3 -> pause after failed login , and stop looping there libbb: change decode base32/64 API to return the end of dst
Almquist shell BusyBox Command-line interface Shell (computing) Configure script Build automation Directory (computing) Character (computing) Subroutine Unicode PATH (variable) Base32 Data compression String (computer science) Udhcpc List of DOS commands Errno.h Modprobe Unix shell SIGHUP