Gnu

Org Mode

6 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-39331

  • EPSS 0.24%
  • Published 23.06.2024 22:15:09
  • Last modified 30.04.2025 16:44:51

In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5.

7.8

CVE-2024-30202

  • EPSS 0.05%
  • Published 25.03.2024 15:15:52
  • Last modified 01.05.2025 14:33:59

In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23.

5.5

CVE-2024-30203

  • EPSS 0.03%
  • Published 25.03.2024 15:15:52
  • Last modified 01.05.2025 14:33:44

In Emacs before 29.3, Gnus treats inline MIME contents as trusted.

2.8

CVE-2024-30204

  • EPSS 0.02%
  • Published 25.03.2024 15:15:52
  • Last modified 01.05.2025 14:33:32

In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments.

7.1

CVE-2024-30205

  • EPSS 0.03%
  • Published 25.03.2024 15:15:52
  • Last modified 01.05.2025 14:32:31

In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.

7.8

CVE-2023-28617

  • EPSS 0.03%
  • Published 19.03.2023 03:15:11
  • Last modified 26.02.2025 21:15:16

org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters.