Описание
In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| busybox | unfixed | package | ||
| busybox | postponed | trixie | package | |
| busybox | postponed | bookworm | package |
Примечания
https://bugs.busybox.net/show_bug.cgi?id=16018
https://www.openwall.com/lists/oss-security/2025/04/23/1
Proposed patch: https://lists.busybox.net/pipermail/busybox/2025-April/091461.html
EPSS
Процентиль: 3%
0.00017
Низкий
Связанные уязвимости
CVSS3: 3.2
ubuntu
около 2 месяцев назад
In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.
CVSS3: 3.2
nvd
около 2 месяцев назад
In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.
CVSS3: 3.2
github
около 2 месяцев назад
In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.
EPSS
Процентиль: 3%
0.00017
Низкий