Published: 18/05/2022 Updated: 11/02/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
busybox busybox 1.35.0
siemens scalance_sc622-2c_firmware
siemens scalance_sc626-2c_firmware
siemens scalance_sc632-2c_firmware
siemens scalance_sc636-2c_firmware
siemens scalance_sc642-2c_firmware
siemens scalance_sc646-2c_firmware

A use-after-free in Busybox 135-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function (CVE-2022-30065) ...

A use-after-free in Busybox 135-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function ...

Dockerfile for local use FSWiki (FreeStyleWiki) with Markdown Plugin, CSP (Content Security Policy), and LaTeX/MathML rendering using MathJax.

Dockerfile and docker-composeyml for local use FSWiki 日本語 FSWiki (FreeStyleWiki) is a Wiki clone written in Perl (and JavaScript) Features This Dockerfile is to launch FSWiki enabling: CSP (Content Security Policy) protected Markdown Plugin (available Markdown syntax (in Japanese)) LaTeX (and MathML) rendering using MathJax Restriction of access only from localhost

CWE-416 https://bugs.busybox.net/show_bug.cgi?id=14781 https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf https://nvd.nist.gov https://github.com/KazKobara/dockerfile_fswiki_local https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-18 https://alas.aws.amazon.com/ALAS-2023-1786.html

CVE-2022-30065

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

ICS Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect