Vulnerability Description
close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE.
CVSS Score
7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Greenwoodsoftware | Less | < 606 |
Related Weaknesses (CWE)
References
- https://github.com/gwsw/less/commit/c6ac6de49698be84d264a0c4c0c40bb870b10144Patch
- https://github.com/gwsw/less/compare/v605...v606Patch
- https://greenwoodsoftware.com/less/Release Notes
- https://lists.debian.org/debian-lts-announce/2024/05/msg00018.htmlMailing ListThird Party Advisory
- https://security.netapp.com/advisory/ntap-20240605-0010/Third Party Advisory
- https://github.com/gwsw/less/commit/c6ac6de49698be84d264a0c4c0c40bb870b10144Patch
- https://github.com/gwsw/less/compare/v605...v606Patch
- https://greenwoodsoftware.com/less/Release Notes
- https://lists.debian.org/debian-lts-announce/2024/05/msg00018.htmlMailing ListThird Party Advisory
- https://security.netapp.com/advisory/ntap-20240605-0010/Third Party Advisory
FAQ
What is CVE-2022-48624?
CVE-2022-48624 is a vulnerability with a CVSS score of 7.8 (HIGH). close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE.
How severe is CVE-2022-48624?
CVE-2022-48624 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-48624?
Check the references section above for vendor advisories and patch information. Affected products include: Greenwoodsoftware Less.