CVE-2025-46394

Опубликовано: 23 апр. 2025

Источник: debian

EPSS Низкий

Описание

In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.

Пакет	Статус	Версия исправления	Релиз	Тип
busybox	fixed	1:1.37.0-8		package
busybox	postponed		trixie	package
busybox	postponed		bookworm	package
busybox	postponed		bullseye	package

https://bugs.busybox.net/show_bug.cgi?id=16018
https://www.openwall.com/lists/oss-security/2025/04/23/1
Proposed patch: https://lists.busybox.net/pipermail/busybox/2025-April/091461.html

EPSS

Процентиль: 24%

0.00083

Низкий

CVE-2025-46394

CVSS3: 3.2

ubuntu

11 месяцев назад

In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.

CVE-2025-46394

CVSS3: 3.2

nvd

11 месяцев назад

In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.

CVE-2025-46394

msrc

4 месяца назад

In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.

ROS-20260327-73-0002

CVSS3: 3.3

redos

7 дней назад

Уязвимость busybox

GHSA-wp4q-9jq4-gv74

CVSS3: 3.2

github

11 месяцев назад

In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.

EPSS

Процентиль: 24%

0.00083

Низкий