U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:gnu:less:382:*:*:*:*:*:*:*
There are 2 matching records.
Displaying matches 1 through 2.
Vuln ID Summary CVSS Severity
CVE-2014-9488

The is_utf8_well_formed function in GNU less before 475 allows remote attackers to have unspecified impact via malformed UTF-8 characters, which triggers an out-of-bounds read.

Published: April 14, 2015; 2:59:02 PM -0400 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-2004-2264

Format string bug in the open_altfile function in filename.c for GNU less 382, 381, and 358 might allow local users to cause a denial of service or possibly execute arbitrary code via format strings in the LESSOPEN environment variable. NOTE: since less is not setuid or setgid, then this is not a vulnerability unless there are plausible scenarios under which privilege boundaries could be crossed

Published: December 31, 2004; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 6.4 MEDIUM