bat on windows before 0.18.2 executes programs named less.exe from the current working directory. This can lead to unintended code execution.
{ "license": "CC0-1.0" }
{ "affected_functions": null, "affects": { "os": [ "windows" ], "functions": [], "arch": [] } }
{ "cvss": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "informational": null, "categories": [ "code-execution" ] }