ALT-PU-2023-4428-1
Package less updated to version 633-alt1 for branch sisyphus_e2k.
Closed vulnerabilities
Published: 2023-02-10
BDU:2023-00696
Уязвимость утилиты для текстовых терминалов UNIX-подобных систем Less, связанная с некорректной фильтрацией встроенных последовательностей ANSI при обработке элемента -R, позволяющая нарушителю повысить свои привилегии
Severity: MEDIUM (5.5)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
Published: 2023-02-08
Modified: 2025-03-25
Modified: 2025-03-25
CVE-2022-46663
In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- http://www.greenwoodsoftware.com/less/news.609.html
- http://www.greenwoodsoftware.com/less/news.609.html
- [oss-security] 20230207 CVE-2022-46663: less -R filtering bypass
- [oss-security] 20230207 CVE-2022-46663: less -R filtering bypass
- https://github.com/gwsw/less/commit/a78e1351113cef564d790a730d657a321624d79c
- https://github.com/gwsw/less/commit/a78e1351113cef564d790a730d657a321624d79c
- FEDORA-2023-71442d7613
- FEDORA-2023-71442d7613
- GLSA-202310-11
- GLSA-202310-11
- https://www.openwall.com/lists/oss-security/2023/02/07/7
- https://www.openwall.com/lists/oss-security/2023/02/07/7