CVE-2023-42364

Опубликовано: 27 нояб. 2023

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 5.5

Описание

A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function.

Релиз	Статус	Примечание
bionic	ignored	end of standard support
devel	released	1:1.36.1-6ubuntu4
esm-infra-legacy/trusty	not-affected	code not present
esm-infra/bionic	not-affected	code not present
esm-infra/focal	not-affected	code not present
esm-infra/xenial	not-affected	code not present
focal	not-affected	code not present
jammy	not-affected	code not present
lunar	ignored	end of life, was deferred [2024-06-17]
mantic	ignored	end of life, was deferred [2024-06-17]

Показывать по

Ссылки на источники

EPSS

Процентиль: 9%

0.00032

Низкий

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2023-42364

CVSS3: 7.8

redhat

около 2 лет назад

A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function.

CVE-2023-42364

CVSS3: 5.5

nvd

около 2 лет назад

A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function.

CVE-2023-42364

CVSS3: 5.5

msrc

5 месяцев назад

A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function.

CVE-2023-42364

CVSS3: 5.5

debian

около 2 лет назад

A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to ...

GHSA-qqqj-6rp2-5pw4

CVSS3: 5.5

github

около 2 лет назад

A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function.

EPSS

Процентиль: 9%

0.00032

Низкий

5.5 Medium

CVSS3

CVE-2023-42364

Описание

Пакет busybox

Ссылки на источники

Связанные уязвимости