3 matches found
Astra Linux – Vulnerability in emacs
In Emacs versions before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %... link abbreviation even when it specifies an unsafe function, such as shell-command-to-string. This issue affects Org Mode before 9.7.5...
MiracleLinux 7 : emacs-24.3-23.1.0.3.el7.AXS7 (AXSA:2024-8951:05)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8951:05 advisory. CVE-2024-39331: do not expand link abbrevs that contain unsafe function CVEs: CVE-2024-39331 In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expan...
DEBIAN-CVE-2024-39331
In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %... link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5...