INFSA-2025:1917: emacs security update
Information about definition
Identificator: INFSA-2025:1917
Type: security
Release date: 2025-03-17 13:21:25 UTC
Information about package
GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news.
Vulnerabilities description
- CVE-2025-1244
A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-1244
|
no information | 8.8 | no information |
Updated packages