Lucene search

Gentoo FoundationGLSA-202407-08

HistoryJul 01, 2024 - 12:00 a.m.

GNU Emacs, Org Mode: Multiple Vulnerabilities

2024-07-0100:00:00

Gentoo Foundation

security.gentoo.org

gnu emacs

org mode

vulnerabilities

cve

upgrade

text editor

extensible

customizable

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

65.0%

JSON

Background

GNU Emacs is a highly extensible and customizable text editor.

Description

Multiple vulnerabilities have been discovered in GNU Emacs. Please review the CVE identifiers referenced below for details.

Impact

Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Resolution

All GNU Emacs users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose "&gt;=app-editors/emacs-29.3-r2"

All Org Mode users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose "&gt;=app-emacs/org-mode-9.6.23"

OSVersionArchitecturePackageVersionFilename
Gentooanyallapp-editors/emacs< 26.3-r16UNKNOWN
Gentooanyallapp-emacs/org-mode< 9.6.23UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Gentoo	any	all	app-editors/emacs	< 26.3-r16	UNKNOWN
Gentoo	any	all	app-emacs/org-mode	< 9.6.23	UNKNOWN

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

65.0%

JSON

GNU Emacs, Org Mode: Multiple Vulnerabilities

Background

Description

Impact

Workaround

Resolution

Related