14341 – BusyBox – 14 new vulnerabilities

Bug 14341 - BusyBox – 14 new vulnerabilities

Summary: BusyBox – 14 new vulnerabilities

Status:	RESOLVED FIXED

Alias:	None

Product:	Busybox
Classification:	Unclassified
Component:	Other (show other bugs)
Version:	1.33.x
Hardware:	All Linux

Importance:	P5 normal
Target Milestone:	---
Assignee:	unassigned

URL:
Keywords:

Depends on:
Blocks:

Reported:	2021-11-10 08:18 UTC by xiechengliang
Modified:	2021-12-08 12:00 UTC (History)
CC List:	1 user (show)

See Also:
Host:
Target:
Build:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description xiechengliang 2021-11-10 08:18:13 UTC

The jfrog website has disclosed 14 vulnerabilities, and fixed in version buysbox 1.34.0.  but I can’t find which is the repair commit for each CVE.
  
who can help me?

Reference: https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

Comment 1 xiechengliang 2021-12-08 11:59:38 UTC

http://lists.busybox.net/pipermail/busybox/2021-November/089328.html