4 matches found
CVE-2024-53920
In GNU Emacs (elisp-mode.el) prior to 30.1, invoking elisp-completion-at-point on untrusted Emacs Lisp can trigger unsafe Lisp macro expansion, enabling arbitrary code execution. This also occurs if on-the-fly diagnosis causes byte compilation of untrusted code. Root cause: unsafe macro expansion...
CVE-2024-53920
In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. This unsafe expansion also occurs if a user chooses to...
CVE-2024-53920
In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. This unsafe expansion also occurs if a user chooses to...
CVE-2024-53920
In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. This unsafe expansion also occurs if a user chooses to...