CVE-2023-27986

CWE-94Code InjectionCWE-77Command Injection8 documents7 sources
Severity
7.8HIGH
EPSS
0.2%
top 56.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
GNU Emacs
Timeline
PublishedMar 9
Latest updateMay 2

Description

emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. It is fixed in 29.0.90.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

Debianemacs< 1:28.2+1-13+2
NVDgnu/emacs28.128.2

Patches

Patch: git.savannah.gnu.orgPatch: www.openwall.comPatch: www.openwall.com

🔴Vulnerability Details

3
CVEList
CVE-2023-27986: emacsclient-mail2023-03-09
GHSA
GHSA-whwp-m746-hx6w: emacsclient-mail2023-03-09
OSV
CVE-2023-27986: emacsclient-mail2023-03-09

📋Vendor Advisories

4
Red Hat
kernel: scsi: core: Remove the /proc/scsi/${proc_name} directory earlier2025-05-02
Microsoft
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. It is fixed in 29.0.90.2023-03-14
Red Hat
emacs: Emacs Lisp code injection via a crafted mailto URI2023-03-08
Debian
CVE-2023-27986: emacs - emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp ...2023
CVE-2023-27986 (HIGH CVSS 7.8) | emacsclient-mail.desktop in Emacs 2 | cvebase.io