Published: 07/02/2023 Updated: 07/11/2023

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

In GNU Less prior to 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu less
fedoraproject fedora 37

Debian Bug report logs - #1030825 less: CVE-2022-46663: -R filtering bypass Package: src:less; Maintainer for src:less is Milan Kupcevic <milan@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 7 Feb 2023 20:06:01 UTC Severity: grave Tags: security, upstream Found in version less/590-11 ...

Synopsis Moderate: OpenShift Container Platform 4136 bug fix and security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 4136 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Con ...

Synopsis Moderate: less security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for less is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as having a security ...

Synopsis Important: OpenShift Virtualization 4133 Images security and bug fix update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Virtualization release 4133 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a secur ...

Synopsis Moderate: Red Hat OpenShift Enterprise security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 41223 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Container Platform 4 ...

Synopsis Moderate: OpenShift Container Platform 4135 security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 4135 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Container Platf ...

Synopsis Moderate: Red Hat OpenShift Data Foundation 4131 security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4131 on Red Hat Enterprise Linux 8 from Red Hat Container RegistryRed Hat Product Security has rated this update ...

DescriptionThe MITRE CVE dictionary describes this issue as: In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal ...

NVD-CWE-Other https://github.com/gwsw/less/commit/a78e1351113cef564d790a730d657a321624d79c http://www.greenwoodsoftware.com/less/news.609.html https://www.openwall.com/lists/oss-security/2023/02/07/7 http://www.openwall.com/lists/oss-security/2023/02/07/7 https://security.gentoo.org/glsa/202310-11 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LR7AUWB34JD4PCW3HHASBEDGGHFWPAQP/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030825 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2022-46663

Get Started

CVE-2022-46663

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect