Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/busybox@1:1.35.0-4
purl pkg:deb/debian/busybox@1:1.35.0-4
Next non-vulnerable version 1:1.35.0-4+deb12u1
Latest non-vulnerable version 1:1.37.0-10.1
Risk 4.4
Vulnerabilities affecting this package (12)
Vulnerability Summary Fixed by
VCID-8844-hdkd-yyc7
Aliases:
CVE-2026-26158
busybox: BusyBox: Arbitrary file modification and privilege escalation via unvalidated tar archive entries
1:1.35.0-4+deb12u1
Affected by 0 other vulnerabilities.
1:1.37.0-10.1
Affected by 0 other vulnerabilities.
VCID-9s28-b1gj-uqaj
Aliases:
CVE-2022-48174
busybox: stack overflow vulnerability in ash.c leads to arbitrary code execution
1:1.35.0-4+deb12u1
Affected by 0 other vulnerabilities.
VCID-fugr-ve7z-efdb
Aliases:
CVE-2026-26157
busybox: BusyBox: Arbitrary file overwrite and potential code execution via incomplete path sanitization
1:1.35.0-4+deb12u1
Affected by 0 other vulnerabilities.
1:1.37.0-10.1
Affected by 0 other vulnerabilities.
VCID-g5t1-3tab-uuf9
Aliases:
CVE-2024-58251
In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of service (terminal locked up) when netstat is used by a victim.
1:1.35.0-4+deb12u1
Affected by 0 other vulnerabilities.
1:1.37.0-10.1
Affected by 0 other vulnerabilities.
VCID-jjqh-pw7r-buau
Aliases:
CVE-2025-46394
In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.
1:1.35.0-4+deb12u1
Affected by 0 other vulnerabilities.
1:1.37.0-10.1
Affected by 0 other vulnerabilities.
VCID-n1u3-njfx-vfcp
Aliases:
CVE-2023-42366
busybox: A heap-buffer-overflow
1:1.35.0-4+deb12u1
Affected by 0 other vulnerabilities.
1:1.37.0-10.1
Affected by 0 other vulnerabilities.
VCID-syfd-zx16-n3gy
Aliases:
CVE-2022-30065
busybox: A use-after-free in Busybox's awk applet leads to denial of service
1:1.35.0-4+deb12u1
Affected by 0 other vulnerabilities.
VCID-t62w-rrsb-vqgy
Aliases:
CVE-2025-60876
busybox: BusyBox wget: HTTP request-target allows header injection
1:1.35.0-4+deb12u1
Affected by 0 other vulnerabilities.
1:1.37.0-10.1
Affected by 0 other vulnerabilities.
VCID-v6td-yjyg-rub4
Aliases:
CVE-2023-42365
busybox: use-after-free
1:1.35.0-4+deb12u1
Affected by 0 other vulnerabilities.
VCID-xjbx-z3d5-5bad
Aliases:
CVE-2023-42363
busybox: use-after-free in awk
1:1.35.0-4+deb12u1
Affected by 0 other vulnerabilities.
VCID-y9hd-5med-67c4
Aliases:
CVE-2023-42364
busybox: use-after-free
1:1.35.0-4+deb12u1
Affected by 0 other vulnerabilities.
VCID-ytff-pgz4-tub2
Aliases:
CVE-2023-39810
busybox: CPIO command of Busybox allows attackers to execute a directory traversal
1:1.35.0-4+deb12u1
Affected by 0 other vulnerabilities.
1:1.37.0-10.1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (18)
Vulnerability Summary Aliases
VCID-4muk-rhx5-yqeu Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution. CVE-2021-42386
VCID-4qpt-mxfy-6bh6 Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution. CVE-2021-42385
VCID-8r73-bpac-dubc Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution. CVE-2021-42377
VCID-92nk-cwc9-rkg4 Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution. CVE-2021-42375
VCID-9fex-zr2n-w3cb Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution. CVE-2021-42384
VCID-9s28-b1gj-uqaj busybox: stack overflow vulnerability in ash.c leads to arbitrary code execution CVE-2022-48174
VCID-dse8-esmh-3ygm Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution. CVE-2021-42380
VCID-gdfa-8gar-47gd Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution. CVE-2021-42379
VCID-jjxj-yf1x-4qg5 Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution. CVE-2021-42378
VCID-mdmz-hjvu-hke3 Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution. CVE-2021-42382
VCID-r12h-q1dj-a7b8 Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution. CVE-2021-42381
VCID-rp81-5jrg-jkht Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution. CVE-2021-42373
VCID-svyb-nqje-dbcs Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution. CVE-2021-42383
VCID-tkat-gfks-kqg9 Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution. CVE-2021-42374
VCID-v6td-yjyg-rub4 busybox: use-after-free CVE-2023-42365
VCID-vjyq-6k64-7fat Multiple vulnerabilities have been discovered in BusyBox, the worst of which could lead to arbitrary code execution. CVE-2021-42376
VCID-vpmv-afzs-tffj A vulnerability in BusyBox might allow remote attackers to cause a Denial of Service condition. CVE-2021-28831
VCID-y9hd-5med-67c4 busybox: use-after-free CVE-2023-42364

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T18:29:11.067433+00:00 Debian Oval Importer Fixing VCID-r12h-q1dj-a7b8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:40:09.750858+00:00 Debian Oval Importer Fixing VCID-dse8-esmh-3ygm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:45:13.911161+00:00 Debian Oval Importer Fixing VCID-vpmv-afzs-tffj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-13T09:14:10.269934+00:00 Debian Importer Affected by VCID-y9hd-5med-67c4 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T09:05:32.918031+00:00 Debian Importer Affected by VCID-8844-hdkd-yyc7 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:38:13.836513+00:00 Debian Importer Fixing VCID-92nk-cwc9-rkg4 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:30:59.019346+00:00 Debian Importer Affected by VCID-g5t1-3tab-uuf9 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:30:23.363363+00:00 Debian Importer Affected by VCID-xjbx-z3d5-5bad https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:07:15.829399+00:00 Debian Importer Affected by VCID-9s28-b1gj-uqaj https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:01:28.268994+00:00 Debian Importer Affected by VCID-n1u3-njfx-vfcp https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:00:15.154646+00:00 Debian Importer Affected by VCID-jjqh-pw7r-buau https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:49:43.525451+00:00 Debian Importer Fixing VCID-rp81-5jrg-jkht https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:29:51.568024+00:00 Debian Importer Fixing VCID-8r73-bpac-dubc https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:29:03.842826+00:00 Debian Importer Fixing VCID-svyb-nqje-dbcs https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:20:29.818564+00:00 Debian Importer Affected by VCID-fugr-ve7z-efdb https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:16:43.930258+00:00 Debian Importer Affected by VCID-v6td-yjyg-rub4 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:14:24.659354+00:00 Debian Importer Affected by VCID-t62w-rrsb-vqgy https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:02:38.623748+00:00 Debian Importer Affected by VCID-syfd-zx16-n3gy https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T23:02:53.378440+00:00 Debian Oval Importer Fixing VCID-jjxj-yf1x-4qg5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:51:21.205541+00:00 Debian Oval Importer Fixing VCID-y9hd-5med-67c4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:32:11.970292+00:00 Debian Oval Importer Fixing VCID-9s28-b1gj-uqaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:00:55.364297+00:00 Debian Oval Importer Fixing VCID-9fex-zr2n-w3cb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:38:40.114956+00:00 Debian Oval Importer Fixing VCID-4qpt-mxfy-6bh6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T21:08:35.332177+00:00 Debian Oval Importer Fixing VCID-tkat-gfks-kqg9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:41:10.521202+00:00 Debian Oval Importer Fixing VCID-4muk-rhx5-yqeu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:12:38.652110+00:00 Debian Oval Importer Fixing VCID-v6td-yjyg-rub4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:00:53.853299+00:00 Debian Oval Importer Fixing VCID-gdfa-8gar-47gd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:55:20.765150+00:00 Debian Oval Importer Fixing VCID-mdmz-hjvu-hke3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:14:08.785440+00:00 Debian Oval Importer Fixing VCID-r12h-q1dj-a7b8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:52:10.542204+00:00 Debian Importer Fixing VCID-vjyq-6k64-7fat https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:48:44.804784+00:00 Debian Importer Affected by VCID-ytff-pgz4-tub2 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:26:19.161631+00:00 Debian Oval Importer Fixing VCID-dse8-esmh-3ygm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:32:58.429888+00:00 Debian Oval Importer Fixing VCID-vpmv-afzs-tffj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T22:36:47.310858+00:00 Debian Oval Importer Fixing VCID-jjxj-yf1x-4qg5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:25:54.907476+00:00 Debian Oval Importer Fixing VCID-y9hd-5med-67c4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T22:07:44.647774+00:00 Debian Oval Importer Fixing VCID-9s28-b1gj-uqaj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:38:00.112970+00:00 Debian Oval Importer Fixing VCID-9fex-zr2n-w3cb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:16:42.005500+00:00 Debian Oval Importer Fixing VCID-4qpt-mxfy-6bh6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:47:38.973239+00:00 Debian Oval Importer Fixing VCID-tkat-gfks-kqg9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:24:08.522069+00:00 Debian Oval Importer Fixing VCID-4muk-rhx5-yqeu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:56:40.410386+00:00 Debian Oval Importer Fixing VCID-v6td-yjyg-rub4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:45:23.623464+00:00 Debian Oval Importer Fixing VCID-gdfa-8gar-47gd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:40:00.968772+00:00 Debian Oval Importer Fixing VCID-mdmz-hjvu-hke3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:00:24.822528+00:00 Debian Oval Importer Fixing VCID-r12h-q1dj-a7b8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:14:25.033253+00:00 Debian Oval Importer Fixing VCID-dse8-esmh-3ygm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:27:07.796226+00:00 Debian Oval Importer Fixing VCID-vpmv-afzs-tffj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-02T17:18:19.532260+00:00 Debian Importer Affected by VCID-y9hd-5med-67c4 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:17:48.049771+00:00 Debian Importer Affected by VCID-8844-hdkd-yyc7 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:15:32.759232+00:00 Debian Importer Fixing VCID-92nk-cwc9-rkg4 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:15:03.432474+00:00 Debian Importer Affected by VCID-g5t1-3tab-uuf9 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:14:56.967112+00:00 Debian Importer Affected by VCID-xjbx-z3d5-5bad https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:13:02.787438+00:00 Debian Importer Affected by VCID-9s28-b1gj-uqaj https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:12:40.925337+00:00 Debian Importer Affected by VCID-n1u3-njfx-vfcp https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:12:37.917302+00:00 Debian Importer Affected by VCID-jjqh-pw7r-buau https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:11:49.123184+00:00 Debian Importer Fixing VCID-rp81-5jrg-jkht https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:10:11.449981+00:00 Debian Importer Fixing VCID-8r73-bpac-dubc https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:10:09.779999+00:00 Debian Importer Fixing VCID-svyb-nqje-dbcs https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:09:38.160070+00:00 Debian Importer Affected by VCID-fugr-ve7z-efdb https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:09:22.182790+00:00 Debian Importer Affected by VCID-v6td-yjyg-rub4 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:09:08.890669+00:00 Debian Importer Affected by VCID-t62w-rrsb-vqgy https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:08:10.564185+00:00 Debian Importer Affected by VCID-syfd-zx16-n3gy https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:02:33.927834+00:00 Debian Importer Fixing VCID-vjyq-6k64-7fat https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:02:14.062253+00:00 Debian Importer Affected by VCID-ytff-pgz4-tub2 https://security-tracker.debian.org/tracker/data/json 38.1.0