Lucene search
K

104 matches found

Veracode
Veracode
added 2023/03/13 1:7 a.m.14 views

Arbitrary Code Execution

exuberant-ctags is vulnerable to Arbitrary Code Execution. The vulnerability exists due to the improper handling of the "-o" option in externalSortTags of sort.c, allowing an attacker to inject and execute malicious code...

7.8CVSS7.5AI score0.00577EPSS
Exploits1References3Affected Software2
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.13 views

Debian: Security Advisory (DLA-69-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.7AI score0.04276EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:26 a.m.5 views

SUSE CVE-2014-7204

jscript.c in Exuberant Ctags 5.8 allows remote attackers to cause a denial of service infinite loop and CPU and disk consumption via a crafted JavaScript file...

5CVSS6.7AI score0.04276EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:30 a.m.4 views

SUSE CVE-2022-4515

A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...

7.8CVSS7.1AI score0.00577EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2023/02/02 12:0 a.m.21 views

SUSE SLES12 Security Update : ctags (SUSE-SU-2023:0224-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0224-1 advisory. - CVE-2022-4515: Fixed a command injection issue via a tag file wih a crafted filename bsc1206543. Tenable has extracted the preceding...

7.8CVSS7.2AI score0.00577EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/02/02 12:0 a.m.29 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ctags (SUSE-SU-2023:0225-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0225-1 advisory. - CVE-2022-4515: Fixed a command injection issue via a tag file wih a crafted filename bsc1206543. Tenabl...

7.8CVSS7.2AI score0.00577EPSS
Exploits1References4
OSV
OSV
added 2023/01/24 2:19 a.m.3 views

USN-5820-1 exuberant-ctags vulnerability

Lorenz Hipp discovered a flaw in exuberant-ctags handling of the tag filename command-line argument. A crafted tag filename specified in the command line or in the configuration file could result in arbitrary command execution...

7.8CVSS7.1AI score0.00577EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/01/24 12:0 a.m.15 views

Ubuntu: Security Advisory (USN-5820-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.7AI score0.00577EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/01/24 12:0 a.m.19 views

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : exuberant-ctags vulnerability (USN-5820-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5820-1 advisory. Lorenz Hipp discovered a flaw in exuberant-ctags handling of the tag filename command-line argument. A crafted tag filename...

7.8CVSS7.6AI score0.00577EPSS
Exploits1References2
OSV
OSV
added 2023/01/13 5:37 p.m.9 views

MGASA-2023-0003 Updated ctags packages fix security vulnerability

A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...

7.8CVSS7.7AI score0.00577EPSS
Exploits1References3
Mageia
Mageia
added 2023/01/13 5:37 p.m.24 views

Updated ctags packages fix security vulnerability

A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...

7.8CVSS2AI score0.00577EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/01/01 12:0 a.m.13 views

Debian: Security Advisory (DLA-3254-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.7AI score0.00577EPSS
Exploits1References3
OSV
OSV
added 2022/12/31 12:0 a.m.17 views

DLA-3254-1 exuberant-ctags - security update

Bulletin has no description...

7.8CVSS7.4AI score0.00577EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/12/31 12:0 a.m.22 views

Debian dla-3254 : exuberant-ctags - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3254 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3254-1 [email protected] https://www.debian.org/lts/security/...

7.8CVSS7.6AI score0.00577EPSS
Exploits1References4
Microsoft CVE
Microsoft CVE
added 2022/12/30 8:0 a.m.4 views

A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags() in sort.c calls the system(3) function in an unsafe way.

...

7.8CVSS7.6AI score0.00577EPSS
Exploits1
NVD
NVD
added 2022/12/20 7:15 p.m.14 views

CVE-2022-4515

A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...

7.8CVSS0.00577EPSS
Exploits1References2
OSV
OSV
added 2022/12/20 7:15 p.m.6 views

CVE-2022-4515

A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...

7.8CVSS7.7AI score
Exploits0References2
OSV
OSV
added 2022/12/20 7:15 p.m.7 views

AZL-12083 CVE-2022-4515 affecting package ctags for versions less than 5.9.20220619.0-7

A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...

7.8CVSS7.4AI score0.00577EPSS
Exploits1References1
OSV
OSV
added 2022/12/20 7:15 p.m.2 views

DEBIAN-CVE-2022-4515

A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...

7.8CVSS7.6AI score0.00577EPSS
Exploits1References1
OSV
OSV
added 2022/12/20 7:15 p.m.5 views

AZL-34647 CVE-2022-4515 affecting package ctags for versions less than 6.1.0-1

A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags in sort.c calls the system3...

7.8CVSS7.4AI score0.00577EPSS
Exploits1References1
Rows per page
Query Builder