Privacy Leakage

2024-04-0522:36:03

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

privacy leakage

vulnerability

emacs

latex preview

email attachments

sensitive information

6.2 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.2%

JSON

emacs is vulnerable to a Privacy Leakage. The vulnerability is due to LaTeX preview being enabled by default for email attachments, allows attackers can automatically generating LaTeX previews for email attachments, potentially disclosing sensitive information to unintended recipients.

CPENameOperatorVersion
emacs:sideq1:27.1+1-3
emacs:sideq1:27.1+1-3
org-mode:sideq9.4.0+dfsg-1
emacs:bustereq1:26.1+1-3.2+deb10u2
emacs:bustereq1:26.1+1-3.2+deb10u1
emacs:bullseyeeq1:27.1+1-3
emacs:bookwormeq1:27.1+1-3.1

Name	Operator	Version
emacs:sid	eq	1:27.1+1-3
emacs:sid	eq	1:27.1+1-3
org-mode:sid	eq	9.4.0+dfsg-1
emacs:buster	eq	1:26.1+1-3.2+deb10u2
emacs:buster	eq	1:26.1+1-3.2+deb10u1
emacs:bullseye	eq	1:27.1+1-3
emacs:bookworm	eq	1:27.1+1-3.1