Medium
Canonical Ubuntu
It was discovered that less incorrectly handled certain file names. An attacker could possibly use this issue to cause a crash or execute arbitrary commands. Update Instructions: Run sudo pro fix USN-6664-1
to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: less – 551-1ubuntu0.2 No subscription required
CVEs contained in this USN include: CVE-2022-48624.
Severity is medium unless otherwise noted.
Users of affected products are strongly encouraged to follow the mitigations below.
The Cloud Foundry project recommends upgrading the following releases:
2024-04-04: Initial vulnerability report published.
CPE | Name | Operator | Version |
---|---|---|---|
cflinuxfs4 | lt | 1.77.0 | |
jammy stemcells | lt | 1.404 | |
cf deployment | lt | 30.0.0 |