Lucene search

[email protected]CVE-2024-39331

HistoryJun 23, 2024 - 10:15 p.m.

CVE-2024-39331

2024-06-2322:15:09

CWE-94

[email protected]

web.nvd.nist.gov

emacs

org-link-expand-abbrev

bug

unsafe function

expansion

org mode

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.2%

JSON

In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(…) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5.

References

git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29

git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=f4cc61636947b5c2f0afc67174dd369fe3277aa8

list.orgmode.org/87sex5gdqc.fsf%40localhost/

lists.debian.org/debian-lts-announce/2024/06/msg00023.html

lists.debian.org/debian-lts-announce/2024/06/msg00024.html

lists.gnu.org/archive/html/info-gnu-emacs/2024-06/msg00000.html

news.ycombinator.com/item?id=40768225

www.openwall.com/lists/oss-security/2024/06/23/1

www.openwall.com/lists/oss-security/2024/06/23/2

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.2%

JSON

Related for CVE-2024-39331

fedora2 nessus6 cvelist1 openvas4 osv4 redhatcve1 ubuntucve1 nvd1 debiancve1 vulnrichment1