CVE-2021-42380

Опубликовано: 15 нояб. 2021

Источник: debian

EPSS Низкий

Описание

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
busybox	fixed	1:1.35.0-1		package
busybox	no-dsa		buster	package
busybox	postponed		stretch	package

Примечания

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

EPSS

Процентиль: 63%

0.00453

Низкий

Связанные уязвимости

CVE-2021-42380

CVSS3: 7.2

ubuntu

около 4 лет назад

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function

CVE-2021-42380

CVSS3: 6.6

redhat

около 4 лет назад

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function

CVE-2021-42380

CVSS3: 7.2

nvd

около 4 лет назад

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function

CVE-2021-42380

CVSS3: 7.2

msrc

около 4 лет назад

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function

GHSA-f96c-9cw7-3qmc

CVSS3: 7.2

github

больше 3 лет назад

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function

EPSS

Процентиль: 63%

0.00453

Низкий