Описание
In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| esm-apps/focal | released | 1:26.3+1-1ubuntu2+esm1 |
| esm-apps/jammy | released | 1:27.1+1-3ubuntu5.2 |
| esm-apps/noble | released | 1:29.3+1-1ubuntu2+esm1 |
| focal | ignored | end of standard support, was needed |
| jammy | released | 1:27.1+1-3ubuntu5.2 |
| mantic | ignored | end of life, was needs-triage |
| noble | needed | |
| oracular | not-affected | |
| plucky | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra/focal | DNE | |
| esm-infra/xenial | released | 24.5+1-6ubuntu1.1+esm4 |
| focal | DNE | |
| jammy | DNE | |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE | |
| plucky | DNE | |
| questing | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra/bionic | released | 25.2+1-6ubuntu0.1~esm2 |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| mantic | DNE | |
| noble | DNE | |
| oracular | DNE | |
| plucky | DNE | |
| questing | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| esm-apps/bionic | released | 9.1.6+dfsg-1ubuntu0.1~esm1 |
| esm-apps/focal | released | 9.3.1+dfsg-1ubuntu0.1~esm1 |
| esm-apps/jammy | released | 9.5.2+dfsh-4ubuntu0.1~esm1 |
| esm-apps/noble | released | 9.6.10+dfsg-1ubuntu0.1~esm1 |
| esm-apps/xenial | released | 8.3.3-2ubuntu0.1~esm1 |
| focal | ignored | end of standard support, was needed |
| jammy | needed | |
| mantic | ignored | end of life, was needed |
| noble | needed |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | needs-triage | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | needs-triage | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | needs-triage | |
| mantic | ignored | end of life, was needs-triage |
| noble | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | needs-triage | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | needs-triage | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | needs-triage | |
| mantic | ignored | end of life, was needs-triage |
| noble | needs-triage |
Показывать по
Ссылки на источники
9.8 Critical
CVSS3
Связанные уязвимости
In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5.
In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5.
In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a % ...
9.8 Critical
CVSS3