Busybox Security Vulnerabilities and Issues — Busybox CVE List

Lucene search

BusyboxBusybox

6 matches found

CVE•added 2023/08/22 7:16 p.m.•543 views

CVE-2022-48174

There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.

9.8CVSS9.6AI score0.00463EPSS

CVE•added 2023/11/27 11:15 p.m.•119 views

CVE-2023-42366

A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159.

5.5CVSS5.3AI score0.00027EPSS

CVE•added 2023/11/27 10:15 p.m.•76 views

CVE-2023-42363

A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1.

5.5CVSS5.4AI score0.00026EPSS

CVE•added 2023/08/28 7:15 p.m.•57 views

CVE-2023-39810

An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal.

7.8CVSS7.7AI score0.00094EPSS

CVE•added 2023/11/27 11:15 p.m.•57 views

CVE-2023-42365

A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function.

5.5CVSS5.3AI score0.00032EPSS

CVE•added 2023/11/27 11:15 p.m.•56 views

CVE-2023-42364

A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function.

5.5CVSS5.2AI score0.00032EPSS