CVE-2024-30205

Public on 2024-03-25
Modified on 2024-04-01
Description
In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.
Severity
Medium severity
Medium
CVSS v3 Base Score
5.0
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
HAQM Linux 1 emacs No Fix Planned
HAQM Linux 2 - Core emacs 2024-08-01 ALAS2-2024-2608 Fixed
HAQM Linux 2023 emacs 2024-07-18 ALAS2023-2024-663 Fixed

CVSS Scores

Score Type Score Vector
HAQM Linux CVSSv3 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
NVD CVSSv3 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

References

Red Hat: CVE-2024-30205 Mitre: CVE-2024-30205