VuXML ID | Description |
a75929bd-b6a4-11ed-bad6-080027f5fec9 | emacs -- multiple vulnerabilities
Xi Lu reports:
- CVE-2022-48337
-
GNU Emacs through 28.2 allows attackers to execute
commands via shell metacharacters in the name of a
source-code file, because lib-src/etags.c uses the
system C library function in its implementation of the
etags program. For example, a victim may use the
"etags -u *" command (suggested in the etags
documentation) in a situation where the current working
directory has contents that depend on untrusted input.
- CVE-2022-48338
-
An issue was discovered in GNU Emacs through 28.2. In
ruby-mode.el, the ruby-find-library-file function has a
local command injection vulnerability. The
ruby-find-library-file function is an interactive
function, and bound to C-c C-f. Inside the function, the
external command gem is called through
shell-command-to-string, but the feature-name parameters
are not escaped. Thus, malicious Ruby source files may
cause commands to be executed.
- CVE-2022-48339
-
An issue was discovered in GNU Emacs through
28.2. htmlfontify.el has a command injection
vulnerability. In the hfy-istext-command function, the
parameter file and parameter srcdir come from external
input, and parameters are not escaped. If a file name or
directory name contains shell metacharacters, code may
be executed.
Discovery 2022-12-06 Entry 2023-02-27 emacs
emacs-canna
emacs-nox
< 28.2_3,3
emacs-devel
emacs-devel-nox
< 30.0.50.20230101,3
CVE-2022-48337
CVE-2022-48338
CVE-2022-48339
https://www.debian.org/security/2023/dsa-5360
|
76e2fcce-92d2-11ed-a635-080027f5fec9 | emacs -- arbitary shell command execution vulnerability of ctags
lu4nx reports:
GNU Emacs through 28.2 allows attackers to execute
commands via shell metacharacters in the name of a
source-code file, because lib-src/etags.c uses the system
C library function in its implementation of the ctags
program. For example, a victim may use the "ctags *"
command (suggested in the ctags documentation) in a
situation where the current working directory has contents
that depend on untrusted input.
Discovery 2022-11-28 Entry 2023-01-12 emacs
emacs-canna
emacs-nox
< 28.2_2,3
emacs-devel
emacs-devel-nox
< 30.0.50.202211128,2
CVE-2022-45939
https://nvd.nist.gov/vuln/detail/CVE-2022-45939
|
4f6c4c07-3179-11ef-9da5-1c697a616631 | emacs -- Arbitrary shell code evaluation vulnerability
GNU Emacs developers report:
Emacs 29.4 is an emergency bugfix release intended to fix a security vulnerability. Arbitrary shell commands are no longer run when turning on Org mode in order to avoid running malicious code.
Discovery 2024-06-22 Entry 2024-06-23 emacs
emacs-canna
emacs-nox
emacs-wayland
< 29.3_3,3
emacs-devel
emacs-devel-nox
< 30.0.50.20240615_1,3
https://seclists.org/oss-sec/2024/q2/296
|
f661184a-eb90-11ee-92fc-1c697a616631 | emacs -- multiple vulnerabilities
GNU Emacs developers report:
Emacs 29.3 is an emergency bugfix release intended to fix several security vulnerabilities.
- Arbitrary Lisp code is no longer evaluated as part of turning on Org mode. This is for security reasons, to avoid evaluating malicious Lisp code.
- New buffer-local variable 'untrusted-content'. When this is non-nil, Lisp programs should treat buffer contents with extra caution.
- Gnus now treats inline MIME contents as untrusted. To get back previous insecure behavior, 'untrusted-content' should be reset to nil in the buffer.
- LaTeX preview is now by default disabled for email attachments. To get back previous insecure behavior, set the variable 'org--latex-preview-when-risky' to a non-nil value.
- Org mode now considers contents of remote files to be untrusted. Remote files are recognized by calling 'file-remote-p'.
Discovery 2024-03-24 Entry 2024-03-26 emacs
emacs-canna
emacs-nox
< 29.3,3
CVE-2024-30202
CVE-2024-30203
CVE-2024-30204
CVE-2024-30205
https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29.3
|