busybox-static (SUSE:Linux Enterprise Module for Basesystem 15 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Basesystem 15 SP2 package busybox-static, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2018-1000517 — CVSS 9.8 (critical): BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in…
CVE-2018-1000500 — CVSS 8.1 (high): Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code…
CVE-2011-5325 — CVSS 7.5 (high): Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside…
CVE-2018-20679 — CVSS 7.5 (high): An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and…
CVE-2021-28831 — CVSS 7.5 (high): decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or…