Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/busybox@1:1.37.0-10.1
purl pkg:deb/debian/busybox@1:1.37.0-10.1
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (7)
Vulnerability Summary Aliases
VCID-8844-hdkd-yyc7 busybox: BusyBox: Arbitrary file modification and privilege escalation via unvalidated tar archive entries CVE-2026-26158
VCID-fugr-ve7z-efdb busybox: BusyBox: Arbitrary file overwrite and potential code execution via incomplete path sanitization CVE-2026-26157
VCID-g5t1-3tab-uuf9 In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of service (terminal locked up) when netstat is used by a victim. CVE-2024-58251
VCID-jjqh-pw7r-buau In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences. CVE-2025-46394
VCID-n1u3-njfx-vfcp busybox: A heap-buffer-overflow CVE-2023-42366
VCID-t62w-rrsb-vqgy busybox: BusyBox wget: HTTP request-target allows header injection CVE-2025-60876
VCID-ytff-pgz4-tub2 busybox: CPIO command of Busybox allows attackers to execute a directory traversal CVE-2023-39810

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-13T09:05:32.935040+00:00 Debian Importer Fixing VCID-8844-hdkd-yyc7 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:30:59.033881+00:00 Debian Importer Fixing VCID-g5t1-3tab-uuf9 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:01:28.283699+00:00 Debian Importer Fixing VCID-n1u3-njfx-vfcp https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:00:15.170522+00:00 Debian Importer Fixing VCID-jjqh-pw7r-buau https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:20:29.837091+00:00 Debian Importer Fixing VCID-fugr-ve7z-efdb https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:14:24.667277+00:00 Debian Importer Fixing VCID-t62w-rrsb-vqgy https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:48:44.818601+00:00 Debian Importer Fixing VCID-ytff-pgz4-tub2 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-02T17:17:48.064709+00:00 Debian Importer Fixing VCID-8844-hdkd-yyc7 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:15:03.446316+00:00 Debian Importer Fixing VCID-g5t1-3tab-uuf9 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:12:40.939603+00:00 Debian Importer Fixing VCID-n1u3-njfx-vfcp https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:12:37.931882+00:00 Debian Importer Fixing VCID-jjqh-pw7r-buau https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:09:38.173372+00:00 Debian Importer Fixing VCID-fugr-ve7z-efdb https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:09:08.904692+00:00 Debian Importer Fixing VCID-t62w-rrsb-vqgy https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:02:14.079442+00:00 Debian Importer Fixing VCID-ytff-pgz4-tub2 https://security-tracker.debian.org/tracker/data/json 38.1.0