Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Less
(Greenwoodsoftware)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-04-13 | CVE-2024-32487 | less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the LESSOPEN environment variable, but this is set by default in many common cases. | Debian_linux, Less, Bootstrap_os, Hci_storage_nodes, Solidfire | N/A | ||
| 2024-02-19 | CVE-2022-48624 | close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE. | Less | 7.8 |