CVE-2024-30203

CWE-3498 documents8 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 92.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
GNU EmacsGNU ORG ModeDebian Debian Linux
Timeline
PublishedMar 25
Latest updateSep 19

Description

In Emacs before 29.3, Gnus treats inline MIME contents as trusted.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDgnu/emacs< 29.3
Debianemacs< 1:27.1+1-3.1+deb11u3+3
NVDgnu/org_mode< 9.6.23
Debianorg-mode< 9.4.0+dfsg-1+deb11u2+2

Also affects: Debian Linux 10.0

Patches

Patch: git.savannah.gnu.orgPatch: git.savannah.gnu.org

🔴Vulnerability Details

3
GHSA
GHSA-rmxq-q4j3-rg8f: In Emacs before 292024-03-25
OSV
CVE-2024-30203: In Emacs before 292024-03-25
CVEList
CVE-2024-30203: In Emacs before 292024-03-25

📋Vendor Advisories

4
Ubuntu
Emacs vulnerabilities2024-09-19
Red Hat
emacs: Gnus treats inline MIME contents as trusted2024-03-25
Microsoft
In Emacs before 29.3 Gnus treats inline MIME contents as trusted.2024-03-12
Debian
CVE-2024-30203: emacs - In Emacs before 29.3, Gnus treats inline MIME contents as trusted.2024
CVE-2024-30203 (MEDIUM CVSS 5.5) | In Emacs before 29.3 | cvebase.io