CVE-2021-42382

Опубликовано: 15 нояб. 2021

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 6.5

CVSS3: 7.2

Описание

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function

Релиз	Статус	Примечание
bionic	released	1:1.27.2-2ubuntu3.4
devel	released	1:1.30.1-7ubuntu2
esm-infra-legacy/trusty	ignored	see notes
esm-infra/bionic	not-affected	1:1.27.2-2ubuntu3.4
esm-infra/focal	not-affected	1:1.30.1-4ubuntu6.4
esm-infra/xenial	ignored	see notes
focal	released	1:1.30.1-4ubuntu6.4
hirsute	released	1:1.30.1-6ubuntu2.1
impish	released	1:1.30.1-6ubuntu3.1
jammy	released	1:1.30.1-7ubuntu2

Показывать по

Ссылки на источники

EPSS

Процентиль: 42%

0.00197

Низкий

6.5 Medium

CVSS2

7.2 High

CVSS3

Связанные уязвимости

CVE-2021-42382

CVSS3: 6.6

redhat

больше 3 лет назад

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function

CVE-2021-42382

CVSS3: 7.2

nvd

больше 3 лет назад

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function

CVE-2021-42382

CVSS3: 7.2

msrc

больше 3 лет назад

Описание отсутствует

CVE-2021-42382

CVSS3: 7.2

debian

больше 3 лет назад

A use-after-free in Busybox's awk applet leads to denial of service an ...

GHSA-xpm2-jxrf-prmx

CVSS3: 7.2

github

около 3 лет назад

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function

EPSS

Процентиль: 42%

0.00197

Низкий

6.5 Medium

CVSS2

7.2 High

CVSS3

CVE-2021-42382

Описание

Пакет busybox

Ссылки на источники

Связанные уязвимости