Количество 17
Количество 17
CVE-2024-32487
less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the LESSOPEN environment variable, but this is set by default in many common cases.
CVE-2024-32487
less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the LESSOPEN environment variable, but this is set by default in many common cases.
CVE-2024-32487
less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the LESSOPEN environment variable, but this is set by default in many common cases.
CVE-2024-32487
CVE-2024-32487
less through 653 allows OS command execution via a newline character i ...
SUSE-SU-2024:2060-1
Security update for less
SUSE-SU-2024:1598-1
Security update for less
SUSE-SU-2024:1550-1
Security update for less
SUSE-SU-2024:1534-1
Security update for less
RLSA-2024:3513
Important: less security update
GHSA-f53j-pgm5-c4r3
less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the LESSOPEN environment variable, but this is set by default in many common cases.
ELSA-2024-3669
ELSA-2024-3669: less security update (IMPORTANT)
ELSA-2024-3513
ELSA-2024-3513: less security update (IMPORTANT)
BDU:2024-03717
Уязвимость утилиты для текстовых терминалов UNIX-подобных систем Less, связанная с непринятием мер по нейтрализации специальных элементов, позволяющая нарушителю произвольные команды
ROS-20240516-01
Уязвимость less
RLSA-2024:4256
Important: less security update
ELSA-2024-4256
ELSA-2024-4256: less security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-32487 less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the LESSOPEN environment variable, but this is set by default in many common cases. | CVSS3: 8.6 | 0% Низкий | больше 1 года назад |
 | CVE-2024-32487 less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the LESSOPEN environment variable, but this is set by default in many common cases. | CVSS3: 8.6 | 0% Низкий | больше 1 года назад |
 | CVE-2024-32487 less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the LESSOPEN environment variable, but this is set by default in many common cases. | CVSS3: 8.6 | 0% Низкий | больше 1 года назад |
 | CVSS3: 8.6 | 0% Низкий | больше 1 года назад | |
| CVE-2024-32487 less through 653 allows OS command execution via a newline character i ... | CVSS3: 8.6 | 0% Низкий | больше 1 года назад |
 | SUSE-SU-2024:2060-1 Security update for less | 0% Низкий | больше 1 года назад | |
| SUSE-SU-2024:1598-1 Security update for less | 0% Низкий | больше 1 года назад | |
| SUSE-SU-2024:1550-1 Security update for less | 0% Низкий | больше 1 года назад | |
| SUSE-SU-2024:1534-1 Security update for less | 0% Низкий | больше 1 года назад | |
 | RLSA-2024:3513 Important: less security update | 0% Низкий | больше 1 года назад | |
| GHSA-f53j-pgm5-c4r3 less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive. Exploitation also requires the LESSOPEN environment variable, but this is set by default in many common cases. | CVSS3: 8.6 | 0% Низкий | больше 1 года назад |
| ELSA-2024-3669 ELSA-2024-3669: less security update (IMPORTANT) | больше 1 года назад | ||
| ELSA-2024-3513 ELSA-2024-3513: less security update (IMPORTANT) | больше 1 года назад | ||
 | BDU:2024-03717 Уязвимость утилиты для текстовых терминалов UNIX-подобных систем Less, связанная с непринятием мер по нейтрализации специальных элементов, позволяющая нарушителю произвольные команды | CVSS3: 8.6 | 0% Низкий | больше 1 года назад |
 | ROS-20240516-01 Уязвимость less | CVSS3: 8.6 | 0% Низкий | больше 1 года назад |
| RLSA-2024:4256 Important: less security update | 6 месяцев назад | ||
| ELSA-2024-4256 ELSA-2024-4256: less security update (IMPORTANT) | больше 1 года назад |
Уязвимостей на страницу