{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-48624", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-03-27T14:21:35.466Z", "dateReserved": "2024-02-19T00:00:00.000Z", "datePublished": "2024-02-19T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-06-10T17:11:50.319Z"}, "descriptions": [{"lang": "en", "value": "close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/gwsw/less/commit/c6ac6de49698be84d264a0c4c0c40bb870b10144"}, {"url": "https://greenwoodsoftware.com/less/"}, {"url": "https://github.com/gwsw/less/compare/v605...v606"}, {"url": "https://security.netapp.com/advisory/ntap-20240605-0010/"}, {"name": "[debian-lts-announce] 20240527 [SECURITY] [DLA 3823-1] less security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00018.html"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-78", "lang": "en", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-02-20T17:06:03.635874Z", "id": "CVE-2022-48624", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-27T14:21:35.466Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:17:55.391Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/gwsw/less/commit/c6ac6de49698be84d264a0c4c0c40bb870b10144", "tags": ["x_transferred"]}, {"url": "https://greenwoodsoftware.com/less/", "tags": ["x_transferred"]}, {"url": "https://github.com/gwsw/less/compare/v605...v606", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240605-0010/", "tags": ["x_transferred"]}, {"name": "[debian-lts-announce] 20240527 [SECURITY] [DLA 3823-1] less security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00018.html"}]}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-48624", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-03-27T14:21:35.466Z", "dateReserved": "2024-02-19T00:00:00.000Z", "datePublished": "2024-02-19T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-06-10T17:11:50.319Z"}, "descriptions": [{"lang": "en", "value": "close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/gwsw/less/commit/c6ac6de49698be84d264a0c4c0c40bb870b10144"}, {"url": "https://greenwoodsoftware.com/less/"}, {"url": "https://github.com/gwsw/less/compare/v605...v606"}, {"url": "https://security.netapp.com/advisory/ntap-20240605-0010/"}, {"name": "[debian-lts-announce] 20240527 [SECURITY] [DLA 3823-1] less security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00018.html"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:17:55.391Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/gwsw/less/commit/c6ac6de49698be84d264a0c4c0c40bb870b10144", "tags": ["x_transferred"]}, {"url": "https://greenwoodsoftware.com/less/", "tags": ["x_transferred"]}, {"url": "https://github.com/gwsw/less/compare/v605...v606", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240605-0010/", "tags": ["x_transferred"]}, {"name": "[debian-lts-announce] 20240527 [SECURITY] [DLA 3823-1] less security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00018.html"}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-48624", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-20T17:06:03.635874Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T15:20:39.716Z"}}]}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:greenwoodsoftware:less:*:*:*:*:*:*:*:*", "matchCriteriaId": "56FD6549-720F-4443-A034-3F78CF0F791A", "versionEndExcluding": "606", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE."}, {"lang": "es", "value": "close_altfile en filename.c en less antes de 606 omite las llamadas shell_quote para LESSCLOSE."}], "id": "CVE-2022-48624", "lastModified": "2025-03-27T15:15:41.153", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-02-19T01:15:48.643", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/gwsw/less/commit/c6ac6de49698be84d264a0c4c0c40bb870b10144"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/gwsw/less/compare/v605...v606"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://greenwoodsoftware.com/less/"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00018.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20240605-0010/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/gwsw/less/commit/c6ac6de49698be84d264a0c4c0c40bb870b10144"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/gwsw/less/compare/v605...v606"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://greenwoodsoftware.com/less/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00018.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20240605-0010/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:1610", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "less-0:530-2.el8_9", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-04-02T00:00:00Z"}, {"advisory": "RHSA-2024:4256", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "less-0:530-3.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-07-02T00:00:00Z"}, {"advisory": "RHSA-2024:1989", "cpe": "cpe:/o:redhat:rhel_eus:8.6", "package": "less-0:530-2.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2024-04-23T00:00:00Z"}, {"advisory": "RHSA-2024:1875", "cpe": "cpe:/o:redhat:rhel_eus:8.8", "package": "less-0:530-2.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-04-18T00:00:00Z"}, {"advisory": "RHSA-2024:1692", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "less-0:590-3.el9_3", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-04-08T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/cluster-logging-operator-bundle:v5.6.18-16", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/cluster-logging-rhel8-operator:v5.6.18-7", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch6-rhel8:v6.8.1-409", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch-operator-bundle:v5.6.18-16", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch-proxy-rhel8:v1.0.0-481", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch-rhel8-operator:v5.6.18-7", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/eventrouter-rhel8:v0.4.0-246", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/fluentd-rhel8:v1.14.6-216", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/kibana6-rhel8:v6.8.1-430", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/log-file-metric-exporter-rhel8:v1.1.0-226", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/logging-curator5-rhel8:v5.8.1-472", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/logging-loki-rhel8:v2.9.6-16", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/logging-view-plugin-rhel8:v5.6.18-3", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/loki-operator-bundle:v5.6.18-30", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/loki-rhel8-operator:v5.6.18-12", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/lokistack-gateway-rhel8:v0.1.0-528", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/opa-openshift-rhel8:v0.1.0-226", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2092", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/vector-rhel8:v0.21.0-127", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/cluster-logging-operator-bundle:v5.7.13-16", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/cluster-logging-rhel8-operator:v5.7.13-7", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch6-rhel8:v6.8.1-408", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch-operator-bundle:v5.7.13-19", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch-proxy-rhel8:v1.0.0-480", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch-rhel8-operator:v5.7.13-9", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/eventrouter-rhel8:v0.4.0-248", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/fluentd-rhel8:v1.14.6-215", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/kibana6-rhel8:v6.8.1-431", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/log-file-metric-exporter-rhel8:v1.1.0-228", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/logging-curator5-rhel8:v5.8.1-471", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/logging-loki-rhel8:v2.9.6-15", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/logging-view-plugin-rhel8:v5.7.13-3", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/loki-operator-bundle:v5.7.13-27", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/loki-rhel8-operator:v5.7.13-12", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/lokistack-gateway-rhel8:v0.1.0-527", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/opa-openshift-rhel8:v0.1.0-225", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}, {"advisory": "RHSA-2024:2093", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/vector-rhel8:v0.28.1-57", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-01T00:00:00Z"}], "bugzilla": {"description": "less: missing quoting of shell metacharacters in LESSCLOSE handling", "id": "2265081", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265081"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-77", "details": ["close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE.", "A flaw was found in less. The close_altfile() function in filename.c omits shell_quote calls for LESSCLOSE, a command line to invoke the optional input postprocessor. This issue could lead to an OS command injection vulnerability and arbitrary command execution on the host operating system."], "name": "CVE-2022-48624", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "less", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "less", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2024-02-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-48624\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-48624"], "statement": "To exploit this issue, an attacker needs the ability to influence the LESSCLOSE environment variable. This requirement makes this CVE a Moderate impact CVE.", "threat_severity": "Moderate"}