CVE-2024-30203

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-30203
In Emacs before 29.3, Gnus treats inline MIME contents as trusted.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
http://www.openwall.com/lists/oss-security/2024/03/25/2 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/08/3 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/08/4 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/08/6 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/08/7 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/10/3 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/10/4 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/10/5 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/10/6 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/11/4 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/11/5 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/11/6 Mailing List
https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=937b9042ad7426acdcca33e3d931d8f495bdd804 Patch
https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29 Release Notes
https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html Mailing List
https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html Mailing List
http://www.openwall.com/lists/oss-security/2024/03/25/2 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/08/3 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/08/4 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/08/6 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/08/7 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/10/3 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/10/4 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/10/5 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/10/6 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/11/4 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/11/5 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/11/6 Mailing List
https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=937b9042ad7426acdcca33e3d931d8f495bdd804 Patch
https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29 Release Notes
https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html Mailing List
https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html Mailing List
Configurations

Configuration 1 (hide)

cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:gnu:org_mode:*:*:*:*:*:gnu_emacs:*:*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
History

No history.

Information

Published : 2024-03-25 15:15

Updated : 2025-05-01 14:33

NVD link : CVE-2024-30203

Mitre link : CVE-2024-30203

CVE.ORG link : CVE-2024-30203

JSON object : View

Products Affected

gnu

  • org_mode
  • emacs

debian

  • debian_linux
CWE
NVD-CWE-noinfo