rpm package
suse/less&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
pkg:rpm/suse/less&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-32487 | — | < 530-150000.3.9.1 | 530-150000.3.9.1 | Apr 13, 2024 | less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation al | ||
| CVE-2022-48624 | — | < 530-150000.3.6.2 | 530-150000.3.6.2 | Feb 19, 2024 | close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE. |
- CVE-2024-32487Apr 13, 2024affected < 530-150000.3.9.1fixed 530-150000.3.9.1
less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation al
- CVE-2022-48624Feb 19, 2024affected < 530-150000.3.6.2fixed 530-150000.3.6.2
close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE.