Lucene search
Redhat.comRH:CVE-2023-28617HistoryMar 24, 2023 - 1:07 p.m.
CVE-2023-28617
2023-03-2413:07:51
redhat.com
access.redhat.com
15
emacs
text editor
arbitrary command execution
org-mode
code execution
vulnerability
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
30.2%
A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.
Mitigation
Do not evaluate untrusted Lisp or org-mode code.
Related
oraclelinux
oraclelinux
emacs security update
2023-05-02 00:00:00
emacs security update
2023-04-24 00:00:00
almalinux
almalinux
Important: emacs security update
2023-05-02 00:00:00
Important: emacs security update
2023-04-24 00:00:00
Important: emacs security update
2023-05-16 00:00:00
osv
osv
Important: emacs security update
2023-04-24 00:00:00
Important: emacs security update
2023-05-05 15:41:01
Important: emacs security update
2023-04-26 15:28:03
debian
debian
[SECURITY] [DLA 3616-1] org-mode security update
2023-10-12 11:09:58
[SECURITY] [DLA 3416-1] emacs security update
2023-05-09 23:02:24
openvas
openvas
Mageia: Security Advisory (MGASA-2023-0152)
2023-04-24 00:00:00
Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2023-2639)
2023-09-05 00:00:00
Debian: Security Advisory (DLA-3616-1)
2023-10-13 00:00:00
nessus
nessus
RHEL 8 : emacs (RHSA-2023:1958)
2023-04-25 00:00:00
EulerOS Virtualization 2.11.1 : emacs (EulerOS-SA-2023-2721)
2024-01-16 00:00:00
Rocky Linux 9 : emacs (RLSA-2023:2074)
2023-05-05 00:00:00
redhat
redhat
(RHSA-2023:1915) Important: emacs security update
2023-04-20 13:16:34
(RHSA-2023:2074) Important: emacs security update
2023-05-02 07:07:42
(RHSA-2023:3189) Important: emacs security update
2023-05-17 15:12:59
rocky
rocky
emacs security update
2023-05-05 15:41:01
emacs security update
2023-04-26 15:28:03
veracode
veracode
OS Command Injection
2023-08-06 07:40:29
cbl_mariner
cbl_mariner
CVE-2023-28617 affecting package emacs for versions less than 28.2-5
2023-03-30 01:18:53
cvelist
cvelist
CVE-2023-28617
2023-03-19 00:00:00
CVE-2023-2491
2023-05-17 00:00:00
cve
cve
CVE-2023-28617
2023-03-19 03:15:11
CVE-2023-2491
2023-05-17 22:15:10
nvd
nvd
CVE-2023-28617
2023-03-19 03:15:11
CVE-2023-2491
2023-05-17 22:15:10
ubuntu
ubuntu
Emacs vulnerability
2023-04-06 00:00:00
prion
prion
Design/Logic Flaw
2023-03-19 03:15:00
Command injection
2023-05-17 22:15:00
ubuntucve
ubuntucve
CVE-2023-28617
2023-03-19 00:00:00
CVE-2023-2491
2023-05-17 00:00:00
mageia
mageia
Updated emacs packages fix security vulnerability
2023-04-24 03:20:26
amazon
amazon
Important: emacs
2023-04-13 19:28:00
debiancve
debiancve
CVE-2023-28617
2023-03-19 03:15:11
CVE-2023-2491
2023-05-17 22:15:10
redhatcve
redhatcve
CVE-2023-2491
2023-05-03 12:16:44
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps
2023-09-28 07:46:35
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
30.2%
Related for RH:CVE-2023-28617