emacs is vulnerable to Trust Boundary Violation. The vulnerability is due to a flaw in the processing logic of Emacs Gnus, allows attackers to potentially exploit trust assumptions in Emacs Gnus, as it incorrectly treats inline MIME contents as trusted without appropriate validation.
Vendor | Product | Version | CPE |
---|---|---|---|
veracode | emacs\ | sid | cpe:2.3:a:veracode:emacs\:sid:1\:27.1+1-3:*:*:*:*:*:*:* |
veracode | org-mode\ | sid | cpe:2.3:a:veracode:org-mode\:sid:9.4.0+dfsg-1:*:*:*:*:*:*:* |
veracode | emacs\ | buster | cpe:2.3:a:veracode:emacs\:buster:1\:26.1+1-3.2+deb10u1:*:*:*:*:*:*:* |
veracode | emacs\ | buster | cpe:2.3:a:veracode:emacs\:buster:1\:26.1+1-3.2+deb10u2:*:*:*:*:*:*:* |
veracode | emacs\ | bullseye | cpe:2.3:a:veracode:emacs\:bullseye:1\:27.1+1-3:*:*:*:*:*:*:* |
veracode | emacs\ | bookworm | cpe:2.3:a:veracode:emacs\:bookworm:1\:27.1+1-3.1:*:*:*:*:*:*:* |
www.openwall.com/lists/oss-security/2024/03/25/2
www.openwall.com/lists/oss-security/2024/04/08/3
www.openwall.com/lists/oss-security/2024/04/08/4
www.openwall.com/lists/oss-security/2024/04/08/6
www.openwall.com/lists/oss-security/2024/04/08/7
www.openwall.com/lists/oss-security/2024/04/10/3
www.openwall.com/lists/oss-security/2024/04/10/4
www.openwall.com/lists/oss-security/2024/04/10/5
www.openwall.com/lists/oss-security/2024/04/10/6
www.openwall.com/lists/oss-security/2024/04/11/4
www.openwall.com/lists/oss-security/2024/04/11/5
www.openwall.com/lists/oss-security/2024/04/11/6
git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=937b9042ad7426acdcca33e3d931d8f495bdd804
git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29
lists.debian.org/debian-lts-announce/2024/04/msg00023.html
lists.debian.org/debian-lts-announce/2024/04/msg00024.html
security-tracker.debian.org/tracker/CVE-2024-30203