{"id":"MGASA-2022-0135","summary":"Updated busybox packages fix security vulnerability","details":"BusyBox through 1.35.0 allows remote attackers to execute arbitrary code\nif netstat is used to print a DNS PTR record's value to a VT compatible\nterminal. Alternatively, the attacker could choose to change the\nterminal's colors. (CVE-2022-28391)\n","modified":"2026-01-31T06:25:02.954969Z","published":"2022-04-09T21:20:39Z","related":["CVE-2022-28391"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0135.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30246"},{"type":"REPORT","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-28391"},{"type":"REPORT","url":"https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661"}],"affected":[{"package":{"name":"busybox","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/busybox?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.34.1-1.1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0135.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}