CVE-2021-42383

Опубликовано: 15 нояб. 2021

Источник: debian

EPSS Низкий

Описание

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
busybox	fixed	1:1.35.0-1		package
busybox	postponed		bullseye	package
busybox	postponed		buster	package
busybox	postponed		stretch	package

Примечания

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

EPSS

Процентиль: 50%

0.00269

Низкий

Связанные уязвимости

CVE-2021-42383

CVSS3: 7.2

ubuntu

больше 3 лет назад

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function

CVE-2021-42383

CVSS3: 6.6

redhat

больше 3 лет назад

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function

CVE-2021-42383

CVSS3: 7.2

nvd

больше 3 лет назад

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function

GHSA-xhv3-6p64-vccw

CVSS3: 7.2

github

около 3 лет назад

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function

BDU:2025-05991

CVSS3: 7.2

fstec

больше 3 лет назад

Уязвимость функции evaluate набора утилит командной строки BusyBox, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 50%

0.00269

Низкий