CVE-2025-46394
ADVISORY - nistSummary
In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.
EPSS Score: 0.00031 (0.085)
Common Weakness Enumeration (CWE)
ADVISORY - nist
User Interface (UI) Misrepresentation of Critical Information
Alpine
CREATED
UPDATED
ADVISORY IDCVE-2025-46394
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
| Package | Type | OS Name | OS Version | Affected Ranges | Fix Versions |
|---|---|---|---|---|---|
| alpine/busybox | apk | alpine | 3.22 | <1.37.0-r20 | 1.37.0-r20 |
| alpine/busybox | apk | alpine | 3.20 | <1.36.1-r31 | 1.36.1-r31 |
| alpine/busybox | apk | alpine | 3.21 | <1.37.0-r14 | 1.37.0-r14 |
| alpine/busybox | apk | alpine | 3.23 | <1.37.0-r27 | 1.37.0-r27 |
| alpine/busybox | apk | alpine | edge | <1.37.0-r27 | 1.37.0-r27 |
| alpine/busybox | apk | alpine | 3.24 | <1.37.0-r27 | 1.37.0-r27 |
Severity and metrics
No CVSS data available from this advisory.
NIST
CREATED
UPDATED
ADVISORY IDCVE-2025-46394
EXPLOITABILITY SCORE
1.4
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
3.2lowDebian
CREATED
UPDATED
ADVISORY IDCVE-2025-46394
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2025-46394
EXPLOITABILITY SCORE
1.8
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
3.3mediumChainguard
CREATED
UPDATED
ADVISORY ID
CGA-jrx7-26c9-jxcv
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Chainguard
CREATED
UPDATED
ADVISORY ID
CGA-wj2c-v25v-c33q
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
minimos
CREATED
UPDATED
ADVISORY ID
MINI-7xq4-37v3-672q
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-