Amazon Linux 2023 : emacs, emacs-common, emacs-devel (ALAS2023-2023-134)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-134 advisory. emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry...

Important: emacs

Issue Overview: emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. CVE-2023-27985 emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable...

Mandriva Linux Security Advisory : emacs (MDVSA-2013:076)

Updated emacs packages fix security vulnerabilities : Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent...

CVE-2012-3479

lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file...