Lucene search
K

6 matches found

BDU FSTEC
BDU FSTEC
added 2024/06/10 12:0 a.m.7 views

Vulnerability of the close_altfile() function (filename.c) for UNIX-like system text terminals: allowing attackers to execute arbitrary commands

The vulnerability of the closealtfile function filename.c for UNIX-like system text terminals is related to the omission of the Shellquote call for LESSCLOSE. Exploiting this vulnerability could allow an attacker to execute arbitrary commands...

7CVSS7AI score0.01059EPSS
Exploits0References10Affected Software6
OSV
OSV
added 2024/04/25 5:30 p.m.8 views

CLSA-2024-1714066220 Fix CVE(s): CVE-2022-48624

SECURITY UPDATE: shell-quote filenames when invoking LESSCLOSE. - debian/patches/CVE-2022-48624.patch: Fix closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE. - CVE-2022-48624...

7.8CVSS7.2AI score0.01059EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/04/18 1:59 a.m.7 views

less: missing quoting of shell metacharacters in LESSCLOSE handling

A flaw was found in less. The closealtfile function in filename.c omits shellquote calls for LESSCLOSE, a command line to invoke the optional input postprocessor. This issue could lead to an OS command injection vulnerability and arbitrary command execution on the host operating system...

7.8CVSS6.9AI score0.01059EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/02/20 3:39 a.m.5 views

SUSE CVE-2022-48624

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...

7.8CVSS6.8AI score0.01059EPSS
Exploits0References8
OSV
OSV
added 2024/02/19 1:15 a.m.8 views

AZL-34458 CVE-2022-48624 affecting package less for versions less than 590-3

closealtfile in filename.c in less before 606 omits shellquote calls for LESSCLOSE...

7.8CVSS6.6AI score0.01059EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/02/18 12:0 a.m.4 views

PT-2024-4011 · Less +9 · Less +9

Name of the Vulnerable Software and Affected Versions: less versions prior to 606 Description: The issue is related to the close altfile function in filename.c, which omits shell quote calls for LESSCLOSE. This can allow an attacker to execute arbitrary commands. Recommendations: For versions pri...

8.6CVSS6.4AI score0.01059EPSS
Exploits0References77
Rows per page
Query Builder