OESA-2023-1694 ctags security update

Ctags generates an index or tag file of language objects found in source files that allows these items to be quickly and easily located by a text editor or other utility. A tag signifies a language object for which an index entry is available or, alternatively, the index entry created for that...

A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags() in sort.c calls the system(3) function in an unsafe way.

...

AZL-12083 CVE-2022-4515 affecting package ctags for versions less than 5.9.20220619.0-7

A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...

Ctags 操作系统命令注入漏洞

Ctags is Sourceforge open source for generating indexed files from a program's source code tree, thus facilitating text editors to achieve rapid location of the utility. Ctags has a security vulnerability that originates from externalSortTags in sort.c calling the system3 function in an unsafe...