Download
| Alert*
oval:org.secpod.oval:def:1601684
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command in a situation where the ... oval:org.secpod.oval:def:89362 Xi Lu discovered that missing input sanitising in Emacs could result in the execution of arbitrary shell commands. oval:org.secpod.oval:def:508139 GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language , and the capability to read e-mail and news. Security Fix: emacs: command execution via shell metacharacters emacs: command injection vulnerability in htmlfontify.el ... oval:org.secpod.oval:def:19500029 GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command in a situation where the ... oval:org.secpod.oval:def:2108121 Oracle Solaris 11 - ( CVE-2022-48337 ) oval:org.secpod.oval:def:507685 GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language , and the capability to read e-mail and news. Security Fix: * emacs: Regression of CVE-2023-28617 fixes in the Red Hat Enterprise Linux * emacs: command execution via ... oval:org.secpod.oval:def:1506565 [1:27.2-8.1] - Fix etags local command injection vulnerability - Fix htmlfontify.el command injection vulnerability - Fix ruby-mode.el local command injection vulnerability - Fix ob-latex.el command injection vulnerability [1:27.2-8] - Use a 64KB page size for pdump [1:27.2-7] - Fix ctags local ... oval:org.secpod.oval:def:89048606 This update for emacs fixes the following issues: * CVE-2022-48337: Fixed etags local command injection vulnerability . * CVE-2022-48339: Fixed htmlfontify.el command injection vulnerability . oval:org.secpod.oval:def:89048639 This update for emacs fixes the following issues: * CVE-2022-48337: Fixed etags local command injection vulnerability . * CVE-2022-48339: Fixed htmlfontify.el command injection vulnerability . oval:org.secpod.oval:def:126317 Emacs is a powerful, customizable, self-documenting, modeless text editor. Emacs contains special code editing features, a scripting language , and the capability to read mail, news, and more without leaving the editor. This package provides an emacs binary with support for X windows. oval:org.secpod.oval:def:1701207 GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u *" command in a situation where ... oval:org.secpod.oval:def:610428 Xi Lu discovered that missing input sanitising in Emacs could result in the execution of arbitrary shell commands. oval:org.secpod.oval:def:2600229 GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language , and the capability to read e-mail and news. oval:org.secpod.oval:def:126189 Emacs is a powerful, customizable, self-documenting, modeless text editor. Emacs contains special code editing features, a scripting language , and the capability to read mail, news, and more without leaving the editor. This package provides an emacs binary with support for X windows. oval:org.secpod.oval:def:2501274 GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language , and the capability to read e-mail and news. oval:org.secpod.oval:def:89048493 This update for emacs fixes the following issues: * CVE-2022-48337: Fixed etags local command injection vulnerability . * CVE-2022-48339: Fixed htmlfontify.el command injection vulnerability . * CVE-2022-48338: Fixed ruby-mode.el local command injection vulnerability . |