Busybox: >> Busybox >> 1.31.0 Security Vulnerabilities
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function
CVSS Score
7.2
EPSS Score
0.002
Published
2021-11-15
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function
CVSS Score
7.2
EPSS Score
0.002
Published
2021-11-15
Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-file".
CVSS Score
8.1
EPSS Score
0.005
Published
2018-06-26
Page 2