CVE-2021-42375

ADVISORY - nist

Summary

An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input.

EPSS Score⁠: 0.00061 (0.194)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-159⁠

Improper Handling of Invalid Use of Special Elements

CWE-other⁠

ADVISORY - redhat

CWE-20⁠

Improper Input Validation

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.