less: Fix of CVE-2024-32487

🗓️ 17 May 2024 11:47:49Reported by CloudLinuxType

cloudlinux

cloudlinux🔗 repo.cloudlinux.com👁 62 Views

Fix of CVE-2024-32487: quoting mishandling in filename.

Reporter	Title	Published	Views	Family All 206
IBM Security Bulletins	Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to less atarbitrary command execution vulnerability [CVE-2024-32487]	6 Aug 202421:28	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities have been identified with the DS8900F and DS8A00 Hardware Management Console (HMC)	27 May 202523:25	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Base OS issues	8 Aug 202417:29	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in less (CVE-2024-32487) affects Power HMC.	28 Jan 202522:08	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in axios affect IBM Voice Gateway	15 Apr 202502:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities	15 Apr 202502:53	–	ibm
Tenable Nessus	Amazon Linux 2023 : less (ALAS2023-2024-622)	28 May 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : less (ALAS-2024-2547)	31 May 202400:00	–	nessus
Tenable Nessus	Amazon Linux AMI : less (ALAS-2025-1958)	5 Feb 202500:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0168: less (ALINUX3-SA-2024:0168)	14 May 202500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Centos	6	x86_64	less	436	less-436-13.el6.tuxcare.els2.src.rpm

17 May 2024 11:47Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.18.6

EPSS0.00329

SSVC

unix security fix quoting mishandling