2021-11-15 22:01:09 +00:00
|
|
|
{
|
|
|
|
|
"data_type": "CVE",
|
|
|
|
|
"data_format": "MITRE",
|
|
|
|
|
"data_version": "4.0",
|
|
|
|
|
"CVE_data_meta": {
|
|
|
|
|
"ID": "CVE-2021-42373",
|
|
|
|
|
"ASSIGNER": "security@jfrog.com",
|
|
|
|
|
"STATE": "PUBLIC"
|
|
|
|
|
},
|
|
|
|
|
"affects": {
|
|
|
|
|
"vendor": {
|
|
|
|
|
"vendor_data": [
|
|
|
|
|
{
|
|
|
|
|
"vendor_name": "busybox",
|
|
|
|
|
"product": {
|
|
|
|
|
"product_data": [
|
|
|
|
|
{
|
|
|
|
|
"product_name": "busybox",
|
|
|
|
|
"version": {
|
|
|
|
|
"version_data": [
|
|
|
|
|
{
|
|
|
|
|
"version_value": "1.34.0",
|
|
|
|
|
"version_affected": "<"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
"problemtype": {
|
|
|
|
|
"problemtype_data": [
|
|
|
|
|
{
|
|
|
|
|
"description": [
|
|
|
|
|
{
|
|
|
|
|
"lang": "eng",
|
|
|
|
|
"value": "CWE-476"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
"impact": {
|
|
|
|
|
"cvssv3": {
|
|
|
|
|
"SCORE": "5.1"
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
"references": {
|
|
|
|
|
"reference_data": [
|
|
|
|
|
{
|
|
|
|
|
"url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/",
|
|
|
|
|
"refsource": "MISC",
|
|
|
|
|
"name": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/"
|
2021-11-25 03:01:00 +00:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"refsource": "FEDORA",
|
|
|
|
|
"name": "FEDORA-2021-5a95823596",
|
|
|
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/"
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"refsource": "FEDORA",
|
|
|
|
|
"name": "FEDORA-2021-c52c0fe490",
|
|
|
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/"
|
2021-12-23 13:01:06 +00:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"refsource": "CONFIRM",
|
|
|
|
|
"name": "https://security.netapp.com/advisory/ntap-20211223-0002/",
|
|
|
|
|
"url": "https://security.netapp.com/advisory/ntap-20211223-0002/"
|
2023-04-25 21:00:36 +00:00
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
"refsource": "MISC",
|
|
|
|
|
"name": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog",
|
|
|
|
|
"url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog"
|
2021-11-15 22:01:09 +00:00
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
},
|
|
|
|
|
"description": {
|
|
|
|
|
"description_data": [
|
|
|
|
|
{
|
|
|
|
|
"lang": "eng",
|
|
|
|
|
"value": "A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given"
|
|
|
|
|
}
|
|
|
|
|
]
|
|
|
|
|
}
|
2021-10-14 19:00:58 +00:00
|
|
|
}
|
