| Name | CVE-2022-4515 |
| Description | A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags() in sort.c calls the system(3) function in an unsafe way. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
| References | DLA-3254-1 |
| Debian Bugs | 1026995 |
Vulnerable and fixed packages
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|
| exuberant-ctags (PTS) | buster | 1:5.9~svn20110310-12 | vulnerable |
| buster (security) | 1:5.9~svn20110310-12+deb10u1 | fixed |
| bullseye | 1:5.9~svn20110310-14 | vulnerable |
| bookworm | 1:5.9~svn20110310-18 | fixed |
| sid, trixie | 1:5.9~svn20110310-19 | fixed |
| universal-ctags (PTS) | buster | 0+git20181215-2 | fixed |
| bullseye | 0+git20200824-1.1 | fixed |
| sid, trixie, bookworm | 5.9.20210829.0-1 | fixed |
The information below is based on the following data on fixed versions.
Notes
[bullseye] - exuberant-ctags <no-dsa> (Minor issue)
- universal-ctags <not-affected> (Fixed before initial upload to Debian)
https://bugzilla.redhat.com/show_bug.cgi?id=2153519
Fixed by: https://github.com/universal-ctags/ctags/commit/e00c55d7a0204dc1d0ae316141323959e1e16162