GHSA-3xgq-45jj-v275: Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to R...
High
Package:
cross-spawn
Installed Version:
7.0.3
Fixed Version:
7.0.5
CVSS Score:
7.50
GHSA-v6h2-p8h4-qcjw: A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has...
Low
Package:
brace-expansion
Installed Version:
2.0.1
Fixed Version:
2.0.2
CVSS Score:
3.10
CVE-2025-46394: In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through...
Low
Package:
busybox
Installed Version:
1.37.0-r19
Fixed Version:
CVSS Score:
3.30
CVE-2025-46394: In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through...
Low
Package:
busybox-binsh
Installed Version:
1.37.0-r19
Fixed Version:
CVSS Score:
3.30
CVE-2025-46394: In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through...
Low
Package:
ssl_client
Installed Version:
1.37.0-r19
Fixed Version:
CVSS Score:
3.30
CVE-2024-58251: In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[...
Low
Package:
busybox
Installed Version:
1.37.0-r19
Fixed Version:
CVSS Score:
2.50
CVE-2024-58251: In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[...
Low
Package:
busybox-binsh
Installed Version:
1.37.0-r19
Fixed Version:
CVSS Score:
2.50
CVE-2024-58251: In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[...
Low
Package:
ssl_client
Installed Version:
1.37.0-r19
Fixed Version:
CVSS Score:
2.50