Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2022-46663
HistoryFeb 07, 2023 - 12:00 a.m.

CVE-2022-46663

2023-02-0700:00:00
ubuntu.com
ubuntu.com
19
gnu less
ansi escape sequences
crafted data

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

64.5%

JSON

In GNU Less before 609, crafted data can result in “less -R” not filtering
ANSI escape sequences sent to the terminal.

Notes

Author Note
alexmurray affects less versions 566 and later (original bug was introduced in commit 0f810ef16781bf0f59690be63af876bddabf68bf)
OSVersionArchitecturePackageVersionFilename
ubuntu22.04noarchless< 590-1ubuntu0.22.04.1UNKNOWN
ubuntu22.10noarchless< 590-1ubuntu0.22.10.1UNKNOWN

Related

cve 1
redhatcve 1
nessus 17
gentoo 1
openvas 8
cvelist 1
nvd 1
redos 1
oraclelinux 1
prion 1
cbl_mariner 1
debiancve 1
veracode 1
almalinux 1
rocky 1
osv 5
ubuntu 1
fedora 1
cloudfoundry 1
redhat 6
rosalinux 1
alpinelinux 1
cve
cve
CVE-2022-46663
2023-02-07 21:15:09
redhatcve
redhatcve
CVE-2022-46663
2023-02-15 16:31:42
nessus
nessus
Fedora 37 : less (2023-71442d7613)
2023-06-12 00:00:00
Oracle Linux 9 : less (ELSA-2023-3725)
2023-06-22 00:00:00
Rocky Linux 9 : less (RLSA-2023:3725)
2023-08-31 00:00:00
gentoo
gentoo
less: Denial of service
2023-10-10 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for less (EulerOS-SA-2023-2125)
2023-06-07 00:00:00
Ubuntu: Security Advisory (USN-5848-1)
2023-02-09 00:00:00
openSUSE: Security Advisory for less (SUSE-SU-2023:0348-1)
2024-03-04 00:00:00
cvelist
cvelist
CVE-2022-46663
2023-02-07 00:00:00
nvd
nvd
CVE-2022-46663
2023-02-07 21:15:09
redos
redos
ROS-20230210-01
2023-02-10 00:00:00
oraclelinux
oraclelinux
less security update
2023-06-21 00:00:00
prion
prion
Code injection
2023-02-07 21:15:00
cbl_mariner
cbl_mariner
CVE-2022-46663 affecting package less for versions less than 590-2
2023-03-09 00:24:20
debiancve
debiancve
CVE-2022-46663
2023-02-07 21:15:09
veracode
veracode
Denial Of Service (DoS)
2023-03-10 22:09:49
almalinux
almalinux
Moderate: less security update
2023-06-21 00:00:00
rocky
rocky
less security update
2023-08-31 16:55:39
osv
osv
Moderate: less security update
2023-08-31 16:55:39
Moderate: less security update
2023-06-21 00:00:00
less vulnerability
2023-02-09 05:45:43
ubuntu
ubuntu
less vulnerability
2023-02-09 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: less-633-1.fc37
2023-06-10 01:28:02
cloudfoundry
cloudfoundry
USN-5848-1: less vulnerability | Cloud Foundry
2023-04-20 00:00:00
redhat
redhat
(RHSA-2023:3725) Moderate: less security update
2023-06-21 13:52:18
(RHSA-2023:4437) Moderate: Red Hat OpenShift Data Foundation 4.13.1 security and bug fix update
2023-08-02 16:06:00
(RHSA-2023:3925) Moderate: Red Hat OpenShift Enterprise security update
2023-07-06 13:59:34
rosalinux
rosalinux
Advisory ROSA-SA-2023-2238
2023-09-19 09:33:11
alpinelinux
alpinelinux
CVE-2022-46663
2023-02-07 21:15:09

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

64.5%

JSON
Related for UB:CVE-2022-46663
cve1redhatcve1nessus17gentoo1openvas8cvelist1nvd1redos1oraclelinux1prion1cbl_mariner1debiancve1veracode1almalinux1rocky1osv5ubuntu1fedora1cloudfoundry1redhat6rosalinux1alpinelinux1