VDB
CVE-2018-1000517
CVE-2018-1000517
PUBLISHED
BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e.
EPSS 16.05% · 94.9th percentile
Risk Scores
EPSS Score
16.05%
94.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:18.04:LTS | busybox | *, 0, 1:1.27.2-1ubuntu3 |
| Ubuntu:14.04:LTS | busybox | 0, 1:1.20.0-9ubuntu2, 1:1.21.0-1ubuntu1 |
| Ubuntu:16.04:LTS | busybox | 0, 1:1.22.0-15ubuntu1 |
Timeline
- Jun 26, 2018 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 11, 2023 EPSS Score
- May 13, 2023 EPSS Score
- Sep 15, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2018-1000517 third-party-advisory
- https://ubuntu.com/security/notices/USN-3935-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2018-1000517 third-party-advisory