Lucene search

K

Veracode Vulnerability DatabaseVERACODE:46239

HistoryApr 05, 2024 - 10:36 p.m.

Trust Boundary Violation

2024-04-0522:36:27

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

6

emacs

gnus

trust boundary

vulnerability

mime

processing

6.1 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.2%

emacs is vulnerable to Trust Boundary Violation. The vulnerability is due to a flaw in the processing logic of Emacs Gnus, allows attackers to potentially exploit trust assumptions in Emacs Gnus, as it incorrectly treats inline MIME contents as trusted without appropriate validation.

CPENameOperatorVersion
emacs:sideq1:27.1+1-3
emacs:sideq1:27.1+1-3
org-mode:sideq9.4.0+dfsg-1
emacs:bustereq1:26.1+1-3.2+deb10u1
emacs:bustereq1:26.1+1-3.2+deb10u2
emacs:bullseyeeq1:27.1+1-3
emacs:bookwormeq1:27.1+1-3.1

References

www.openwall.com/lists/oss-security/2024/03/25/2

www.openwall.com/lists/oss-security/2024/04/08/3

www.openwall.com/lists/oss-security/2024/04/08/4

www.openwall.com/lists/oss-security/2024/04/08/6

www.openwall.com/lists/oss-security/2024/04/08/7

www.openwall.com/lists/oss-security/2024/04/10/3

www.openwall.com/lists/oss-security/2024/04/10/4

www.openwall.com/lists/oss-security/2024/04/10/5

www.openwall.com/lists/oss-security/2024/04/10/6

www.openwall.com/lists/oss-security/2024/04/11/4

www.openwall.com/lists/oss-security/2024/04/11/5

www.openwall.com/lists/oss-security/2024/04/11/6

git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=937b9042ad7426acdcca33e3d931d8f495bdd804

git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29

lists.debian.org/debian-lts-announce/2024/04/msg00023.html

lists.debian.org/debian-lts-announce/2024/04/msg00024.html

security-tracker.debian.org/tracker/CVE-2024-30203

6.1 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

17.2%

Related for VERACODE:46239

debiancve1 cbl_mariner2 nvd1 ubuntucve1 cvelist1 cve1 redhatcve1 osv2 debian3 openvas5 nessus5 freebsd1 mageia1