CVE-2026-26158 affecting package busybox for versions less than 1.36.1-22

CVE-2026-26158 affecting package busybox for versions less than 1.36.1-22. A patched version of the package is available...

AZL-77610 CVE-2026-26157 affecting package busybox for versions less than 1.36.1-22

A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities allows an attacker to craft malicious archives that when extracted, and under specific conditions, may write to files outside the intended directory. This can lead to arbitrary file overwrite, potentiall...

Envoy 安全漏洞

Envoy is an Enphase open source gateway program for connecting smart home devices. A security vulnerability exists in Envoy versions prior to 1.36.1, prior to 1.35.5, prior to 1.34.9, and prior to 1.33.10, which stems from improper management of flow control and could result in a crash of the TCP...

AZL-34576 CVE-2023-42365 affecting package busybox for versions less than 1.36.1-7

A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function...

AZL-34575 CVE-2023-42364 affecting package busybox for versions less than 1.36.1-7

A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function...