CLSA-2024-1727287647 emacs: Fix of CVE-2024-48337

CVE-2024-48337: fix etags local command injection vulnerability...

The vulnerability of the lib-src/etags.c file of the EMACS text editor’s etags component allows a hacker to execute arbitrary code.

The vulnerability of the lib-src/etags.c file of the EMACS text editor’s etags component is related to the improper elimination of special elements used in the OS command. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

emacs: ctags local command execution vulnerability

A flaw was found in Etags, the Ctags implementation of Emacs. A file with a crafted filename may result in arbitrary command execution when processed by Etags...

emacs: ctags local command execution vulnerability

A flaw was found in Etags, the Ctags implementation of Emacs. A file with a crafted filename may result in arbitrary command execution when processed by Etags...

emacs: ctags local command execution vulnerability

A flaw was found in Etags, the Ctags implementation of Emacs. A file with a crafted filename may result in arbitrary command execution when processed by Etags...

SUSE-SU-2023:0675-1 Security update for emacs

This update for emacs fixes the following issues: - CVE-2022-48337: Fixed etags local command injection vulnerability bsc1208515. - CVE-2022-48339: Fixed htmlfontify.el command injection vulnerability bsc1208512...

SUSE CVE-2022-48337

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u " command suggested in the eta...