CVE-2024-30205

Опубликовано: 25 мар. 2024

Источник: debian

EPSS Низкий

Описание

In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.

Пакет	Статус	Версия исправления	Релиз	Тип
emacs	fixed	1:29.3+1-1		package
emacs	fixed	1:28.2+1-15+deb12u1	bookworm	package
emacs	fixed	1:27.1+1-3.1+deb11u3	bullseye	package
org-mode	fixed	9.6.23+dfsg-1		package
org-mode	ignored		bookworm	package
org-mode	fixed	9.4.0+dfsg-1+deb11u2	bullseye	package

https://www.openwall.com/lists/oss-security/2024/03/24/1
https://lists.gnu.org/archive/html/info-gnu/2024-03/msg00005.html
https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=2bc865ace050ff118db43f01457f95f95112b877 (emacs-29.3)
https://list.orgmode.org/87o7b3eczr.fsf@bzg.fr/T/#t
https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=4255d5dcc0657915f90e4fba7e0a5514cced514d (release_9.6.23)

EPSS

Процентиль: 7%

0.0003

Низкий

CVE-2024-30205

CVSS3: 7.1

ubuntu

больше 1 года назад

In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.

CVE-2024-30205

CVSS3: 7.8

redhat

больше 1 года назад

In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.

CVE-2024-30205

CVSS3: 7.1

nvd

больше 1 года назад

In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.

CVE-2024-30205

CVSS3: 7.1

msrc

около 1 года назад

Описание отсутствует

GHSA-vxx9-qwhq-hgf4

CVSS3: 7.1

github

больше 1 года назад

In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.

EPSS

Процентиль: 7%

0.0003

Низкий