2 matches found
CVE-2025-46394
In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences...
MGASA-2021-0533 Updated busybox packages fix security vulnerability
A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input. CVE-2021-42376 An attacker-controlled...