Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie

Type deb

Namespace debian

Name busybox

Version 1:1.30.1-6+deb11u1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1:1.35.0-1

Latest_non_vulnerable_version 1:1.37.0-10.1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-4muk-rhx5-yqeu

vulnerability_id VCID-4muk-rhx5-yqeu

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42386.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42386.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42386

reference_id

reference_type

scores

value	0.00293
scoring_system	epss
scoring_elements	0.52565
published_at	2026-04-01T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52665
published_at	2026-04-13T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52608
published_at	2026-04-02T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52634
published_at	2026-04-04T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52601
published_at	2026-04-07T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52652
published_at	2026-04-08T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52647
published_at	2026-04-09T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52697
published_at	2026-04-11T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52681
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42386

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023938
reference_id	2023938
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023938

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:31:59Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

https://security.archlinux.org/AVG-2561

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2561

reference_url

https://security.archlinux.org/AVG-2562

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2562

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:31:59Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:31:59Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:31:59Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:31:59Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-8r73-bpac-dubc

vulnerability	VCID-92nk-cwc9-rkg4

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-rp81-5jrg-jkht

vulnerability	VCID-svyb-nqje-dbcs

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-vjyq-6k64-7fat

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-1%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

purl pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-9s28-b1gj-uqaj

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-v6td-yjyg-rub4

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-y9hd-5med-67c4

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-4%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1%3Fdistro=trixie

aliases CVE-2021-42386

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4muk-rhx5-yqeu

url VCID-4qpt-mxfy-6bh6

vulnerability_id VCID-4qpt-mxfy-6bh6

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42385.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42385.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42385

reference_id

reference_type

scores

value	0.00293
scoring_system	epss
scoring_elements	0.52565
published_at	2026-04-01T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52665
published_at	2026-04-13T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52608
published_at	2026-04-02T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52634
published_at	2026-04-04T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52601
published_at	2026-04-07T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52652
published_at	2026-04-08T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52647
published_at	2026-04-09T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52697
published_at	2026-04-11T12:55:00Z

value	0.00293
scoring_system	epss
scoring_elements	0.52681
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42385

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023936
reference_id	2023936
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023936

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:00Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

https://security.archlinux.org/AVG-2561

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2561

reference_url

https://security.archlinux.org/AVG-2562

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2562

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:00Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:00Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:00Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:00Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-8r73-bpac-dubc

vulnerability	VCID-92nk-cwc9-rkg4

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-rp81-5jrg-jkht

vulnerability	VCID-svyb-nqje-dbcs

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-vjyq-6k64-7fat

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-1%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

purl pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-9s28-b1gj-uqaj

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-v6td-yjyg-rub4

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-y9hd-5med-67c4

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-4%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1%3Fdistro=trixie

aliases CVE-2021-42385

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4qpt-mxfy-6bh6

url VCID-9fex-zr2n-w3cb

vulnerability_id VCID-9fex-zr2n-w3cb

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42384.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42384.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42384

reference_id

reference_type

scores

value	0.00236
scoring_system	epss
scoring_elements	0.4647
published_at	2026-04-01T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46535
published_at	2026-04-13T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46507
published_at	2026-04-02T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46527
published_at	2026-04-12T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46476
published_at	2026-04-07T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46531
published_at	2026-04-09T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46555
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42384

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023933
reference_id	2023933
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023933

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:01Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

https://security.archlinux.org/AVG-2561

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2561

reference_url

https://security.archlinux.org/AVG-2562

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2562

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:01Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:01Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:01Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:01Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-8r73-bpac-dubc

vulnerability	VCID-92nk-cwc9-rkg4

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-rp81-5jrg-jkht

vulnerability	VCID-svyb-nqje-dbcs

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-vjyq-6k64-7fat

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-1%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

purl pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-9s28-b1gj-uqaj

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-v6td-yjyg-rub4

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-y9hd-5med-67c4

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-4%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1%3Fdistro=trixie

aliases CVE-2021-42384

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9fex-zr2n-w3cb

url VCID-9s28-b1gj-uqaj

vulnerability_id VCID-9s28-b1gj-uqaj

summary busybox: stack overflow vulnerability in ash.c leads to arbitrary code execution

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48174.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48174.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-48174

reference_id

reference_type

scores

value	0.00679
scoring_system	epss
scoring_elements	0.71523
published_at	2026-04-02T12:55:00Z

value	0.00679
scoring_system	epss
scoring_elements	0.71554
published_at	2026-04-13T12:55:00Z

value	0.00679
scoring_system	epss
scoring_elements	0.71588
published_at	2026-04-11T12:55:00Z

value	0.00679
scoring_system	epss
scoring_elements	0.71572
published_at	2026-04-12T12:55:00Z

value	0.00679
scoring_system	epss
scoring_elements	0.7154
published_at	2026-04-04T12:55:00Z

value	0.00679
scoring_system	epss
scoring_elements	0.71513
published_at	2026-04-07T12:55:00Z

value	0.00679
scoring_system	epss
scoring_elements	0.71553
published_at	2026-04-08T12:55:00Z

value	0.00679
scoring_system	epss
scoring_elements	0.71565
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-48174

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48174
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48174

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059049
reference_id	1059049
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059049

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2237153
reference_id	2237153
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2237153

reference_url	https://access.redhat.com/errata/RHSA-2023:5178
reference_id	RHSA-2023:5178
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5178

reference_url

https://bugs.busybox.net/show_bug.cgi?id=15216

reference_id

show_bug.cgi?id=15216

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-03T14:24:43Z/

url

https://bugs.busybox.net/show_bug.cgi?id=15216

reference_url	https://usn.ubuntu.com/6335-1/
reference_id	USN-6335-1
reference_type
scores
url	https://usn.ubuntu.com/6335-1/

reference_url	https://usn.ubuntu.com/6961-1/
reference_id	USN-6961-1
reference_type
scores
url	https://usn.ubuntu.com/6961-1/

fixed_packages

url pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-8r73-bpac-dubc

vulnerability	VCID-92nk-cwc9-rkg4

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-rp81-5jrg-jkht

vulnerability	VCID-svyb-nqje-dbcs

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-vjyq-6k64-7fat

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-1%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1%3Fdistro=trixie

aliases CVE-2022-48174

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9s28-b1gj-uqaj

url VCID-dse8-esmh-3ygm

vulnerability_id VCID-dse8-esmh-3ygm

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42380.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42380.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42380

reference_id

reference_type

scores

value	0.00452
scoring_system	epss
scoring_elements	0.63711
published_at	2026-04-13T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63716
published_at	2026-04-04T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63676
published_at	2026-04-07T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63728
published_at	2026-04-08T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63745
published_at	2026-04-12T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.63759
published_at	2026-04-11T12:55:00Z

value	0.00464
scoring_system	epss
scoring_elements	0.64309
published_at	2026-04-02T12:55:00Z

value	0.00464
scoring_system	epss
scoring_elements	0.64251
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42380

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023912
reference_id	2023912
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023912

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:07Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

https://security.archlinux.org/AVG-2561

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2561

reference_url

https://security.archlinux.org/AVG-2562

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2562

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:07Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:07Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:07Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:07Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-8r73-bpac-dubc

vulnerability	VCID-92nk-cwc9-rkg4

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-rp81-5jrg-jkht

vulnerability	VCID-svyb-nqje-dbcs

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-vjyq-6k64-7fat

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-1%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

purl pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-9s28-b1gj-uqaj

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-v6td-yjyg-rub4

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-y9hd-5med-67c4

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-4%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1%3Fdistro=trixie

aliases CVE-2021-42380

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dse8-esmh-3ygm

url VCID-gdfa-8gar-47gd

vulnerability_id VCID-gdfa-8gar-47gd

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42379.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42379.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42379

reference_id

reference_type

scores

value	0.00236
scoring_system	epss
scoring_elements	0.4647
published_at	2026-04-01T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46535
published_at	2026-04-13T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46507
published_at	2026-04-02T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46527
published_at	2026-04-12T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46476
published_at	2026-04-07T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46531
published_at	2026-04-09T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46555
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42379

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023904
reference_id	2023904
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023904

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:08Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

https://security.archlinux.org/AVG-2561

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2561

reference_url

https://security.archlinux.org/AVG-2562

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2562

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:08Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:08Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:08Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:08Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-8r73-bpac-dubc

vulnerability	VCID-92nk-cwc9-rkg4

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-rp81-5jrg-jkht

vulnerability	VCID-svyb-nqje-dbcs

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-vjyq-6k64-7fat

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-1%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

purl pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-9s28-b1gj-uqaj

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-v6td-yjyg-rub4

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-y9hd-5med-67c4

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-4%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1%3Fdistro=trixie

aliases CVE-2021-42379

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gdfa-8gar-47gd

url VCID-jjxj-yf1x-4qg5

vulnerability_id VCID-jjxj-yf1x-4qg5

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42378.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42378.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42378

reference_id

reference_type

scores

value	0.00236
scoring_system	epss
scoring_elements	0.4647
published_at	2026-04-01T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46535
published_at	2026-04-13T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46507
published_at	2026-04-02T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46527
published_at	2026-04-12T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46476
published_at	2026-04-07T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46531
published_at	2026-04-09T12:55:00Z

value	0.00236
scoring_system	epss
scoring_elements	0.46555
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42378

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023900
reference_id	2023900
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023900

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:10Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

https://security.archlinux.org/AVG-2561

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2561

reference_url

https://security.archlinux.org/AVG-2562

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2562

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:10Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:10Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:10Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:10Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-8r73-bpac-dubc

vulnerability	VCID-92nk-cwc9-rkg4

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-rp81-5jrg-jkht

vulnerability	VCID-svyb-nqje-dbcs

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-vjyq-6k64-7fat

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-1%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

purl pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-9s28-b1gj-uqaj

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-v6td-yjyg-rub4

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-y9hd-5med-67c4

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-4%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1%3Fdistro=trixie

aliases CVE-2021-42378

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jjxj-yf1x-4qg5

url VCID-mdmz-hjvu-hke3

vulnerability_id VCID-mdmz-hjvu-hke3

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42382.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42382.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42382

reference_id

reference_type

scores

value	0.00321
scoring_system	epss
scoring_elements	0.54992
published_at	2026-04-01T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55117
published_at	2026-04-13T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55094
published_at	2026-04-02T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55118
published_at	2026-04-04T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55093
published_at	2026-04-07T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55143
published_at	2026-04-09T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55155
published_at	2026-04-11T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55135
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42382

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023929
reference_id	2023929
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023929

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:04Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

https://security.archlinux.org/AVG-2561

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2561

reference_url

https://security.archlinux.org/AVG-2562

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2562

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:04Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:04Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:04Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:04Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-8r73-bpac-dubc

vulnerability	VCID-92nk-cwc9-rkg4

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-rp81-5jrg-jkht

vulnerability	VCID-svyb-nqje-dbcs

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-vjyq-6k64-7fat

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-1%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

purl pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-9s28-b1gj-uqaj

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-v6td-yjyg-rub4

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-y9hd-5med-67c4

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-4%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1%3Fdistro=trixie

aliases CVE-2021-42382

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mdmz-hjvu-hke3

url VCID-r12h-q1dj-a7b8

vulnerability_id VCID-r12h-q1dj-a7b8

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42381.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42381.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42381

reference_id

reference_type

scores

value	0.00321
scoring_system	epss
scoring_elements	0.54992
published_at	2026-04-01T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55117
published_at	2026-04-13T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55094
published_at	2026-04-02T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55118
published_at	2026-04-04T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55093
published_at	2026-04-07T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55143
published_at	2026-04-09T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55155
published_at	2026-04-11T12:55:00Z

value	0.00321
scoring_system	epss
scoring_elements	0.55135
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42381

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023927
reference_id	2023927
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023927

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:06Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

https://security.archlinux.org/AVG-2561

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2561

reference_url

https://security.archlinux.org/AVG-2562

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2562

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_id

ntap-20211223-0002

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:06Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:06Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:06Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	7.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:06Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-8r73-bpac-dubc

vulnerability	VCID-92nk-cwc9-rkg4

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-rp81-5jrg-jkht

vulnerability	VCID-svyb-nqje-dbcs

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-vjyq-6k64-7fat

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-1%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

purl pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-9s28-b1gj-uqaj

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-v6td-yjyg-rub4

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-y9hd-5med-67c4

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-4%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1%3Fdistro=trixie

aliases CVE-2021-42381

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r12h-q1dj-a7b8

url VCID-tkat-gfks-kqg9

vulnerability_id VCID-tkat-gfks-kqg9

summary Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42374.json

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-42374.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-42374

reference_id

reference_type

scores

value	0.00064
scoring_system	epss
scoring_elements	0.20042
published_at	2026-04-01T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20022
published_at	2026-04-13T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20189
published_at	2026-04-02T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20244
published_at	2026-04-04T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19969
published_at	2026-04-07T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20049
published_at	2026-04-08T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20107
published_at	2026-04-09T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20126
published_at	2026-04-11T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.2008
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-42374

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2023881
reference_id	2023881
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2023881

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_id

6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:31:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567
reference_id	999567
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=999567

reference_url

https://security.archlinux.org/AVG-2561

reference_id

AVG-2561

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2561

reference_url

https://security.archlinux.org/AVG-2562

reference_id

AVG-2562

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2562

reference_url	https://security.gentoo.org/glsa/202407-17
reference_id	GLSA-202407-17
reference_type
scores
url	https://security.gentoo.org/glsa/202407-17

reference_url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_id

ntap-20211223-0002

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:31:05Z/

url

https://security.netapp.com/advisory/ntap-20211223-0002/

reference_url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_id

unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:31:05Z/

url

https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

reference_url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_id

unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:31:05Z/

url

https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_id

UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:31:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

fixed_packages

url pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-8r73-bpac-dubc

vulnerability	VCID-92nk-cwc9-rkg4

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-rp81-5jrg-jkht

vulnerability	VCID-svyb-nqje-dbcs

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-vjyq-6k64-7fat

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-1%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

purl pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-9s28-b1gj-uqaj

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-v6td-yjyg-rub4

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-y9hd-5med-67c4

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-4%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1%3Fdistro=trixie

aliases CVE-2021-42374

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tkat-gfks-kqg9

url VCID-v6td-yjyg-rub4

vulnerability_id VCID-v6td-yjyg-rub4

summary busybox: use-after-free

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42365.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42365.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-42365

reference_id

reference_type

scores

value	0.00032
scoring_system	epss
scoring_elements	0.09224
published_at	2026-04-13T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09269
published_at	2026-04-11T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09238
published_at	2026-04-12T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09225
published_at	2026-04-04T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09148
published_at	2026-04-07T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09229
published_at	2026-04-08T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09267
published_at	2026-04-09T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09473
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-42365

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42365
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42365

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059052
reference_id	1059052
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059052

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2251853
reference_id	2251853
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2251853

reference_url	https://usn.ubuntu.com/6961-1/
reference_id	USN-6961-1
reference_type
scores
url	https://usn.ubuntu.com/6961-1/

fixed_packages

url pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-8r73-bpac-dubc

vulnerability	VCID-92nk-cwc9-rkg4

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-rp81-5jrg-jkht

vulnerability	VCID-svyb-nqje-dbcs

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-vjyq-6k64-7fat

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-1%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1%3Fdistro=trixie

aliases CVE-2023-42365

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v6td-yjyg-rub4

url VCID-vpmv-afzs-tffj

vulnerability_id VCID-vpmv-afzs-tffj

summary

A vulnerability in BusyBox might allow remote attackers to cause a
    Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28831.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28831.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-28831

reference_id

reference_type

scores

value	0.01019
scoring_system	epss
scoring_elements	0.77155
published_at	2026-04-01T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77217
published_at	2026-04-13T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77161
published_at	2026-04-02T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77191
published_at	2026-04-04T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77173
published_at	2026-04-07T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77205
published_at	2026-04-08T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77214
published_at	2026-04-09T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.77241
published_at	2026-04-11T12:55:00Z

value	0.01019
scoring_system	epss
scoring_elements	0.7722
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-28831

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28831

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1941028
reference_id	1941028
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1941028

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/

reference_id

3UDQGJRECXFS5EZVDH2OI45FMO436AC4

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UDQGJRECXFS5EZVDH2OI45FMO436AC4/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985674
reference_id	985674
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985674

reference_url	https://security.archlinux.org/ASA-202103-11
reference_id	ASA-202103-11
reference_type
scores
url	https://security.archlinux.org/ASA-202103-11

reference_url	https://security.archlinux.org/ASA-202103-12
reference_id	ASA-202103-12
reference_type
scores
url	https://security.archlinux.org/ASA-202103-12

reference_url

https://security.archlinux.org/AVG-1707

reference_id

AVG-1707

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1707

reference_url

https://security.archlinux.org/AVG-1708

reference_id

AVG-1708

reference_type

scores

value	Low
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1708

reference_url

https://security.gentoo.org/glsa/202105-09

reference_id

GLSA-202105-09

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://security.gentoo.org/glsa/202105-09

reference_url

https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd

reference_id

?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd

reference_url

https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html

reference_id

msg00001.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://lists.debian.org/debian-lts-announce/2021/04/msg00001.html

reference_url	https://usn.ubuntu.com/5179-1/
reference_id	USN-5179-1
reference_type
scores
url	https://usn.ubuntu.com/5179-1/

reference_url	https://usn.ubuntu.com/5179-2/
reference_id	USN-5179-2
reference_type
scores
url	https://usn.ubuntu.com/5179-2/

reference_url	https://usn.ubuntu.com/6335-1/
reference_id	USN-6335-1
reference_type
scores
url	https://usn.ubuntu.com/6335-1/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/

reference_id

Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7ZIFKPRR32ZYA3WAA2NXFA3QHHOU6FJ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/

reference_id

ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AC:L/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:57:33Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZASBW7QRRLY5V2R44MQ4QQM4CZIDHM2U/

fixed_packages

url pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-8r73-bpac-dubc

vulnerability	VCID-92nk-cwc9-rkg4

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-rp81-5jrg-jkht

vulnerability	VCID-svyb-nqje-dbcs

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-vjyq-6k64-7fat

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.35.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-1%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

purl pkg:deb/debian/busybox@1:1.35.0-4?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-9s28-b1gj-uqaj

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-v6td-yjyg-rub4

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-y9hd-5med-67c4

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.35.0-4%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1%3Fdistro=trixie

aliases CVE-2021-28831

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vpmv-afzs-tffj

url VCID-y9hd-5med-67c4

vulnerability_id VCID-y9hd-5med-67c4

summary busybox: use-after-free

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42364.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42364.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-42364

reference_id

reference_type

scores

value	0.00032
scoring_system	epss
scoring_elements	0.09224
published_at	2026-04-13T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09229
published_at	2026-04-08T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09267
published_at	2026-04-09T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09269
published_at	2026-04-11T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09238
published_at	2026-04-12T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09225
published_at	2026-04-04T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09148
published_at	2026-04-07T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09473
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-42364

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42364
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42364

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059051
reference_id	1059051
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059051

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2251855
reference_id	2251855
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2251855

reference_url

https://bugs.busybox.net/show_bug.cgi?id=15868

reference_id

show_bug.cgi?id=15868

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-10T20:28:22Z/

url

https://bugs.busybox.net/show_bug.cgi?id=15868

reference_url	https://usn.ubuntu.com/6961-1/
reference_id	USN-6961-1
reference_type
scores
url	https://usn.ubuntu.com/6961-1/

fixed_packages

url pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.30.1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-8r73-bpac-dubc

vulnerability	VCID-92nk-cwc9-rkg4

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-rp81-5jrg-jkht

vulnerability	VCID-svyb-nqje-dbcs

vulnerability	VCID-syfd-zx16-n3gy

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-vjyq-6k64-7fat

vulnerability	VCID-xjbx-z3d5-5bad

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.30.1-6%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-1%3Fdistro=trixie

url pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

purl pkg:deb/debian/busybox@1:1.37.0-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-8844-hdkd-yyc7

vulnerability	VCID-fugr-ve7z-efdb

vulnerability	VCID-g5t1-3tab-uuf9

vulnerability	VCID-jjqh-pw7r-buau

vulnerability	VCID-n1u3-njfx-vfcp

vulnerability	VCID-t62w-rrsb-vqgy

vulnerability	VCID-ytff-pgz4-tub2

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-6%3Fdistro=trixie

url	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
purl	pkg:deb/debian/busybox@1:1.37.0-10.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.37.0-10.1%3Fdistro=trixie

aliases CVE-2023-42364

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y9hd-5med-67c4

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/busybox@1:1.30.1-6%252Bdeb11u1%3Fdistro=trixie

Package Instance