Search CVE reports
21 – 22 of 22 results
CVE-2014-3421
Medium prioritylisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file.
7 affected packages
emacs22, emacs23, emacs24, emacs25, emacs-snapshot...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emacs22 | Not in release | Not in release | Not in release | Not in release | Not in release |
| emacs23 | Not in release | Not in release | Not in release | Not in release | Not in release |
| emacs24 | Not in release | Not in release | Not in release | Not in release | Not affected |
| emacs25 | Not in release | Not in release | Not in release | Not affected | Not in release |
| emacs-snapshot | Not in release | Not in release | Not in release | Not in release | Not in release |
| xemacs21 | Not affected | Not affected | Not affected | Not affected | Not affected |
| xemacs21-packages | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2012-3479
Medium prioritySome fixes available 8 of 15
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute...
6 affected packages
emacs21, emacs22, emacs23, emacs24, emacs-snapshot, xemacs21
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emacs21 | — | — | — | — | — |
| emacs22 | — | — | — | — | — |
| emacs23 | — | — | — | — | — |
| emacs24 | — | — | — | — | — |
| emacs-snapshot | — | — | — | — | — |
| xemacs21 | — | — | — | — | — |