104 matches found
Arbitrary Code Execution
exuberant-ctags is vulnerable to Arbitrary Code Execution. The vulnerability exists due to the improper handling of the "-o" option in externalSortTags of sort.c, allowing an attacker to inject and execute malicious code...
Debian: Security Advisory (DLA-69-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2014-7204
jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service infinite loop and CPU and disk consumption via a crafted JavaScript file...
SUSE CVE-2022-4515
A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...
SUSE SLES12 Security Update : ctags (SUSE-SU-2023:0224-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0224-1 advisory. - CVE-2022-4515: Fixed a command injection issue via a tag file wih a crafted filename bsc1206543. Tenable has extracted the preceding...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ctags (SUSE-SU-2023:0225-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0225-1 advisory. - CVE-2022-4515: Fixed a command injection issue via a tag file wih a crafted filename bsc1206543. Tenabl...
USN-5820-1 exuberant-ctags vulnerability
Lorenz Hipp discovered a flaw in exuberant-ctags handling of the tag filename command-line argument. A crafted tag filename specified in the command line or in the configuration file could result in arbitrary command execution...
Ubuntu: Security Advisory (USN-5820-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : exuberant-ctags vulnerability (USN-5820-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5820-1 advisory. Lorenz Hipp discovered a flaw in exuberant-ctags handling of the tag filename command-line argument. A crafted tag filename...
MGASA-2023-0003 Updated ctags packages fix security vulnerability
A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...
Updated ctags packages fix security vulnerability
A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...
Debian: Security Advisory (DLA-3254-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DLA-3254-1 exuberant-ctags - security update
Bulletin has no description...
Debian dla-3254 : exuberant-ctags - security update
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3254 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3254-1 [email protected] https://www.debian.org/lts/security/...
A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags() in sort.c calls the system(3) function in an unsafe way.
...
CVE-2022-4515
A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...
CVE-2022-4515
A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...
AZL-12083 CVE-2022-4515 affecting package ctags for versions less than 5.9.20220619.0-7
A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...
DEBIAN-CVE-2022-4515
A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...
AZL-34647 CVE-2022-4515 affecting package ctags for versions less than 6.1.0-1
A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...