Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Less
(Gnu)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 3 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2004-12-31 | CVE-2004-2264 | Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings in the LESSOPEN environment variable. NOTE: since less is not setuid or setgid, then this is not a vulnerability unless there are plausible scenarios under which privilege boundaries could be crossed | Less | N/A | ||
2023-02-07 | CVE-2022-46663 | In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal. | Fedora, Less | 7.5 | ||
2015-04-14 | CVE-2014-9488 | The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters, which triggers an out-of-bounds read. | Less, Opensuse | N/A |