INFCSA-2024:6510: Emacs security update
Information about definition
Identificator: INFCSA-2024:6510
Type: security
Release date: 2025-09-24 19:22:54 UTC
Information about package
GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news.
Vulnerabilities description
- CVE-2024-39331
A flaw was found in Emacs. Arbitrary shell commands can be executed without prompting when an Org mode file is opened or when the Org mode is enabled, when Emacs is used as an email client, this issue can be triggered when previewing email attachments.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2024-39331
|
no information | 7.8 | no information |
Updated packages
Preparing to download...