Уязвимость функции hfy-istext-command текстового редактора EMACS, позволяющая нарушителю выполнить произвольный код

Множественные уязвимости emacs

An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be executed.

An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be executed.

An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be executed.

An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has ...

An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be executed.

ELSA-2023-3481: emacs security update (MODERATE)

Security update for emacs

Security update for emacs

ELSA-2023-7083: emacs security update (MODERATE)

Security update for emacs

ELSA-2023-2626: emacs security update (IMPORTANT)