Skip to main content

Emacs CVE-2023-27986

HIGH
Code Injection (CWE-94)
2023-03-09 cve@mitre.org
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Mar 09, 2023 - 06:15 nvd
HIGH 7.8

DescriptionNVD

emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. It is fixed in 29.0.90.

AnalysisAI

emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Technical ContextAI

This vulnerability is classified as Code Injection (CWE-94), which allows attackers to inject and execute arbitrary code within the application. emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. It is fixed in 29.0.90. Affected products include: Gnu Emacs. Version information: through 28.2.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Never evaluate user-controlled input as code. Use sandboxing, disable dangerous functions, apply strict input validation.

More in Emacs

View all
CVE-2012-0035 CRITICAL
9.3 Jan 19

Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, a

CVE-2024-39331 CRITICAL
9.8 Jun 23

In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe

CVE-2017-14482 HIGH
8.8 Sep 14

GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enric

CVE-2024-53920 HIGH
7.8 Nov 27

In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion)

CVE-2024-30202 HIGH
7.8 Mar 25

In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. Rated high severity (CVSS 7.8), t

CVE-2023-2491 HIGH
7.8 May 17

A flaw was found in the Emacs text editor. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

CVE-2023-27985 HIGH
7.8 Mar 09

emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto:

CVE-2022-45939 HIGH
7.8 Nov 28

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file,

CVE-2014-9483 HIGH
7.5 Aug 28

Emacs 24.4 allows remote attackers to bypass security restrictions. Rated high severity (CVSS 7.5), this vulnerability i

CVE-2012-3479 MEDIUM
6.8 Aug 25

lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the

CVE-2024-30205 HIGH
7.1 Mar 25

In Emacs before 29.3, Org mode considers contents of remote files to be trusted. Rated high severity (CVSS 7.1), this vu

CVE-2026-6861 MEDIUM
6.1 Apr 22

Memory corruption in GNU Emacs SVG/CSS processing allows local attackers to trigger denial of service or information dis

Share

CVE-2023-27986 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy