Lucene search

K
redhatcveRedhat.comRH:CVE-2022-48624
HistoryFeb 20, 2024 - 9:19 a.m.

CVE-2022-48624

2024-02-2009:19:56
redhat.com
access.redhat.com
17
cve-2022-48624
flaw
less
filename
os command injection
arbitrary command execution

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.5%

A flaw was found in less. The close_altfile() function in filename.c omits shell_quote calls for LESSCLOSE, a command line to invoke the optional input postprocessor. This issue could lead to an OS command injection vulnerability and arbitrary command execution on the host operating system.