Gnu Less vulnerabilities
3 known vulnerabilities affecting gnu/less.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2022-46663HIGHCVSS 7.5≥ 566, < 6092023-02-07
CVE-2022-46663 [HIGH] CVE-2022-46663: In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sen
In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal.
nvd
CVE-2014-9488CRITICALCVSS 10.0≤ 4712015-04-14
CVE-2014-9488 [CRITICAL] CWE-119 CVE-2014-9488: The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified
The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters, which triggers an out-of-bounds read.
nvd
CVE-2004-2264MEDIUMCVSS 6.4v358v381+1 more2004-12-31
CVE-2004-2264 [MEDIUM] CVE-2004-2264: Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might al
Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings in the LESSOPEN environment variable. NOTE: since less is not setuid or setgid, then this is not a vulnerability unless there are plausible scenarios under which
nvd