← Zuruck zu CVEs

CVE-2024-30205

HIGH

7.1

Beschreibung

In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.

CVE Details

CVSS v3.1 Bewertung7.1

SchweregradHIGH

CVSS VektorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

AngriffsvektorLOCAL

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionREQUIRED

Veroffentlicht3/25/2024

Zuletzt geandert5/1/2025

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

debian:debian_linuxgnu:emacsgnu:org_mode

Schwachen (CWE)

CWE-494

Referenzen

http://www.openwall.com/lists/oss-security/2024/03/25/2(cve@mitre.org)

https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=2bc865ace050ff118db43f01457f95f95112b877(cve@mitre.org)

https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29(cve@mitre.org)

https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=4255d5dcc0657915f90e4fba7e0a5514cced514d(cve@mitre.org)

https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html(cve@mitre.org)

https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html(cve@mitre.org)

http://www.openwall.com/lists/oss-security/2024/03/25/2(af854a3a-2127-422b-91ae-364da2661108)

https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=2bc865ace050ff118db43f01457f95f95112b877(af854a3a-2127-422b-91ae-364da2661108)

https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29(af854a3a-2127-422b-91ae-364da2661108)

https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=4255d5dcc0657915f90e4fba7e0a5514cced514d(af854a3a-2127-422b-91ae-364da2661108)

https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html(af854a3a-2127-422b-91ae-364da2661108)

https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.