CVE-2026-26157 affecting package busybox for versions less than 1.36.1-22

CVE-2026-26157 affecting package busybox for versions less than 1.36.1-22. A patched version of the package is available...

AZL-77613 CVE-2026-26158 affecting package busybox for versions less than 1.36.1-22

A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by crafting a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead to...

Incorrect Authorization

Overview github.com/mattermost/mattermost-plugin-playbooks/server/app is a package for reliable and repeatable processes using checklists, automation, and retrospectives Affected versions of this package are vulnerable to Incorrect Authorization via the playbooks handler failing to properly...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the playbooks handler failing to properly retrieve IsGuest for guest users. An attacker can gain unauthorized access to sensitive playbook run information by sending crafted requests as a guest user...

AZL-60936 CVE-2025-46394 affecting package busybox 1.36.1-22

In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences...

A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159.

...

CVE-2023-42365 affecting package busybox for versions less than 1.36.1-7

CVE-2023-42365 affecting package busybox for versions less than 1.36.1-7. A patched version of the package is available...

A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function.

...

A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1.

...

OESA-2024-1902 busybox security update

BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system. Security Fixes: A...

OPENSUSE-SU-2024:13181-1 busybox-1.36.1-2.1 on GA media

These are all security issues fixed in the busybox-1.36.1-2.1 package on the GA media of openSUSE Tumbleweed...

CVE-2022-28391 affecting package busybox for versions less than 1.36.1-3

CVE-2022-28391 affecting package busybox for versions less than 1.36.1-3. A patched version of the package is available...

SUSE CVE-2023-42366

A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the nexttoken function at awk.c:1159...

CVE-2023-42363

A use-after-free vulnerability was discovered in xasprintf function in xfuncsprintf.c:344 in BusyBox v.1.36.1...

CVE-2023-42366

A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the nexttoken function at awk.c:1159...

UBUNTU-CVE-2023-42364

A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function...

ALPINE-CVE-2023-42363

A use-after-free vulnerability was discovered in xasprintf function in xfuncsprintf.c:344 in BusyBox v.1.36.1...

UBUNTU-CVE-2023-42363

A use-after-free vulnerability was discovered in xasprintf function in xfuncsprintf.c:344 in BusyBox v.1.36.1...

BusyBox Security Breach

BusyBox is a suite of applications containing several linux commands and tools by Denis Vlasenko, a Ukrainian individual developer. A security vulnerability exists in BusyBox version v.1.36.1, which stems from the presence of a heap buffer overflow vulnerability...

BusyBox Security Breach

BusyBox is a suite of applications containing several linux commands and tools by Denis Vlasenko, a Ukrainian individual developer. A security vulnerability exists in BusyBox version v.1.36.1, which stems from the presence of a post-release reuse vulnerability...