Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-46663 | 1 Gnu | 1 Less | 2023-02-16 | N/A | 7.5 HIGH |
| In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal. | |||||
| CVE-2014-9488 | 2 Gnu, Opensuse | 2 Less, Opensuse | 2018-10-30 | 10.0 HIGH | N/A |
| The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters, which triggers an out-of-bounds read. | |||||
| CVE-2004-2264 | 1 Gnu | 1 Less | 2017-07-10 | 6.4 MEDIUM | N/A |
| ** DISPUTED ** Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings in the LESSOPEN environment variable. NOTE: since less is not setuid or setgid, then this is not a vulnerability unless there are plausible scenarios under which privilege boundaries could be crossed. | |||||