Msrc Cbl2 Emacs 29.3-1 On Cbl Mariner 2.0 vulnerabilities
4 known vulnerabilities affecting msrc/cbl2_emacs_29.3-1_on_cbl_mariner_2.0.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-39331CRITICALCVSS 9.82024-06-11
CVE-2024-39331 [CRITICAL] CWE-94 In Emacs before 29.4 org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function such as shell-command-to-string. This affects Org Mode before 9.7.5.
In Emacs before 29.4 org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function such as shell-command-to-string. This affects Org Mode before 9.7.5.
FAQ: Is Azure Linux the only Microsoft product that includes this open
msrc
CVE-2024-30202HIGHCVSS 7.82024-03-12
CVE-2024-30202 [HIGH] CWE-94 In Emacs before 29.3 arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23.
In Emacs before 29.3 arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux d
msrc
CVE-2024-30205HIGHCVSS 7.12024-03-12
CVE-2024-30205 [HIGH] CWE-494 In Emacs before 29.3 Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.
In Emacs before 29.3 Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is th
msrc
CVE-2024-30203MEDIUMCVSS 5.52024-03-12
CVE-2024-30203 [MEDIUM] In Emacs before 29.3 Gnus treats inline MIME contents as trusted.
In Emacs before 29.3 Gnus treats inline MIME contents as trusted.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source librarie
msrc