CVE-2022-4515 – ctags: arbitrary command execution via a tag file with a crafted filename

https://notcve.org/view.php?id=CVE-2022-4515

A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies the tag filename. A crafted tag filename specified in the command line or in the configuration file results in arbitrary command execution because the externalSortTags() in sort.c calls the system(3) function in an unsafe way. Se encontró una falla en Exuberant Ctags en la forma en que maneja la opción "-o". Esta opción especifica el nombre del archivo de etiqueta. • https://lists.debian.org/debian-lts-announce/2022/12/msg00040.html https://sourceforge.net/p/ctags/code/HEAD/tree/tags/ctags-5.8/sort.c#l56 https://access.redhat.com/security/cve/CVE-2022-4515 https://bugzilla.redhat.com/show_bug.cgi?id=2153519 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •