Vulnerability Database
Blog
FAQ
Docs
CVE-2024-30203
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-30203
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-30203.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-30203
Related
ALSA-2024:6987
MGASA-2024-0104
RLSA-2024:9302
SUSE-SU-2024:1294-1
SUSE-SU-2024:1317-1
SUSE-SU-2024:2297-1
UBUNTU-CVE-2024-30203
USN-7027-1
Published
2024-03-25T15:15:52Z
Modified
2025-05-28T03:31:31.888718Z
Downstream
DLA-3801-1
RHSA-2024:6987
RHSA-2024:9302
DLA-3802-1
SUSE-SU-2024:1317-1
SUSE-SU-2024:1294-1
SUSE-SU-2024:2297-1
RLSA-2024:6987
Summary
[none]
Details
In Emacs before 29.3, Gnus treats inline MIME contents as trusted.
References
http://www.openwall.com/lists/oss-security/2024/03/25/2
http://www.openwall.com/lists/oss-security/2024/04/08/3
http://www.openwall.com/lists/oss-security/2024/04/08/4
http://www.openwall.com/lists/oss-security/2024/04/08/6
http://www.openwall.com/lists/oss-security/2024/04/08/7
http://www.openwall.com/lists/oss-security/2024/04/10/3
http://www.openwall.com/lists/oss-security/2024/04/10/4
http://www.openwall.com/lists/oss-security/2024/04/10/5
http://www.openwall.com/lists/oss-security/2024/04/10/6
http://www.openwall.com/lists/oss-security/2024/04/11/4
http://www.openwall.com/lists/oss-security/2024/04/11/5
http://www.openwall.com/lists/oss-security/2024/04/11/6
https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html
https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html
https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=937b9042ad7426acdcca33e3d931d8f495bdd804
https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29
https://security-tracker.debian.org/tracker/CVE-2024-30203
Affected packages
Debian:11
/
emacs
Package
Name
emacs
Purl
pkg:deb/debian/emacs?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:27.1+1-3.1+deb11u3
Affected versions
1:27.*
1:27.1+1-3.1
1:27.1+1-3.1+deb11u1
1:27.1+1-3.1+deb11u2
Ecosystem specific
{ "urgency": "not yet assigned" }
Debian:12
/
emacs
Package
Name
emacs
Purl
pkg:deb/debian/emacs?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:28.2+1-15+deb12u1
Affected versions
1:28.*
1:28.2+1-15
Ecosystem specific
{ "urgency": "not yet assigned" }
Debian:13
/
emacs
Package
Name
emacs
Purl
pkg:deb/debian/emacs?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:29.3+1-1
Affected versions
1:28.*
1:28.2+1-15
1:28.2+1-16
1:29.*
1:29.1+1-1
1:29.1+1-2
1:29.1+1-3
1:29.1+1-4
1:29.1+1-5~bpo12+1
1:29.1+1-5
1:29.2+1-1
1:29.2+1-2~bpo12+1
1:29.2+1-2
Ecosystem specific
{ "urgency": "not yet assigned" }
Debian:11
/
org-mode
Package
Name
org-mode
Purl
pkg:deb/debian/org-mode?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
9.4.0+dfsg-1+deb11u2
Affected versions
9.*
9.4.0+dfsg-1
9.4.0+dfsg-1+deb11u1
Ecosystem specific
{ "urgency": "not yet assigned" }
Debian:12
/
org-mode
Package
Name
org-mode
Purl
pkg:deb/debian/org-mode?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Affected versions
9.*
9.5.2+dfsh-5
9.6.6+dfsg-1~exp1
9.6.7+dfsg-1
9.6.8+dfsg-1
9.6.9+dfsg-1
9.6.10+dfsg-1
9.6.21+dfsg-1
9.6.23+dfsg-1
9.6.28+dfsg-1
9.7.5+dfsg-1
9.7.6+dfsg-1
9.7.6+dfsg-2
9.7.11+dfsg-1
9.7.13+dfsg-1
9.7.15+dfsg-1
9.7.16+dfsg-1
9.7.19+dfsg-1
9.7.25+dfsg-1
9.7.27+dfsg-1
9.7.29+dfsg-1
Ecosystem specific
{ "urgency": "not yet assigned" }
Debian:13
/
org-mode
Package
Name
org-mode
Purl
pkg:deb/debian/org-mode?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
9.6.23+dfsg-1
Affected versions
9.*
9.5.2+dfsh-5
9.6.6+dfsg-1~exp1
9.6.7+dfsg-1
9.6.8+dfsg-1
9.6.9+dfsg-1
9.6.10+dfsg-1
9.6.21+dfsg-1
Ecosystem specific
{ "urgency": "not yet assigned" }
Git
/
git.savannah.gnu.org/git/emacs.git
Affected ranges
Type
GIT
Repo
https://git.savannah.gnu.org/git/emacs.git
Events
Introduced
0
Unknown introduced commit / All previous commits are affected
Fixed
ae8f815613c2e072e92aa8fe7b4bcf2fdabc7408
Affected versions
emacs-19.*
emacs-19.34
emacs-20.*
emacs-20.1
emacs-20.2
emacs-20.3
emacs-20.4
emacs-22.*
emacs-22.1
emacs-22.2
emacs-22.3
emacs-23.*
emacs-23.2
emacs-23.3
emacs-23.4
emacs-24.*
emacs-24.0.96
emacs-24.0.97
emacs-24.1
emacs-24.2
emacs-24.2.90
emacs-24.2.91
emacs-24.2.92
emacs-24.2.93
emacs-24.3
emacs-24.3-rc1
emacs-24.3.90
emacs-24.3.91
emacs-24.3.92
emacs-24.3.93
emacs-24.3.94
emacs-24.4
emacs-24.4-rc1
emacs-24.4.90
emacs-24.4.91
emacs-24.5
emacs-24.5-rc1
emacs-24.5-rc2
emacs-24.5-rc3
emacs-24.5-rc3-fixed
emacs-25.*
emacs-25.0.90
emacs-25.0.91
emacs-25.0.92
emacs-25.0.93
emacs-25.0.94
emacs-25.0.95
emacs-25.1
emacs-25.1-rc1
emacs-25.1-rc2
emacs-25.1.90
emacs-25.1.91
emacs-25.2
emacs-25.2-rc1
emacs-25.2-rc2
emacs-26.*
emacs-26.0.90
emacs-26.0.91
emacs-26.1
emacs-26.1-rc1
emacs-26.1.90
emacs-26.1.91
emacs-26.1.92
emacs-26.2
emacs-26.2.90
emacs-26.3
emacs-26.3-rc1
emacs-27.*
emacs-27.0.90
emacs-27.0.91
emacs-27.1
emacs-27.1-rc1
emacs-27.1-rc2
emacs-27.1.90
emacs-27.1.91
emacs-27.2
emacs-27.2-rc1
emacs-27.2-rc2
emacs-28.*
emacs-28.0.90
emacs-28.0.91
emacs-28.0.92
emacs-28.1
emacs-28.1.90
emacs-28.1.91
emacs-28.2
emacs-28.3-rc1
emacs-29.*
emacs-29.0.90
emacs-29.0.91
emacs-29.0.92
emacs-29.1
emacs-29.1-rc1
emacs-29.1.90
emacs-29.2
emacs-pretest-21.*
emacs-pretest-21.0.100
emacs-pretest-21.0.101
emacs-pretest-21.0.102
emacs-pretest-21.0.103
emacs-pretest-21.0.104
emacs-pretest-21.0.105
emacs-pretest-21.0.106
emacs-pretest-21.0.90
emacs-pretest-21.0.91
emacs-pretest-21.0.92
emacs-pretest-21.0.93
emacs-pretest-21.0.95
emacs-pretest-21.0.96
emacs-pretest-21.0.97
emacs-pretest-21.0.98
emacs-pretest-21.0.99
emacs-pretest-22.*
emacs-pretest-22.0.90
emacs-pretest-22.0.91
emacs-pretest-22.0.92
emacs-pretest-22.0.93
emacs-pretest-22.0.94
emacs-pretest-22.0.95
emacs-pretest-22.0.96
emacs-pretest-22.0.97
emacs-pretest-22.0.98
emacs-pretest-22.0.99
emacs-pretest-22.0.990
emacs-pretest-22.1.90
emacs-pretest-22.1.91
emacs-pretest-22.1.92
emacs-pretest-22.2.90
emacs-pretest-22.2.91
emacs-pretest-22.2.92
emacs-pretest-23.*
emacs-pretest-23.0.90
emacs-pretest-23.0.91
emacs-pretest-23.0.92
emacs-pretest-23.0.93
emacs-pretest-23.0.94
emacs-pretest-23.0.95
emacs-pretest-23.1.90
emacs-pretest-23.1.91
emacs-pretest-23.1.92
emacs-pretest-23.1.93
emacs-pretest-23.1.94
emacs-pretest-23.1.95
emacs-pretest-23.1.96
emacs-pretest-23.1.97
emacs-pretest-23.2.90
emacs-pretest-23.2.91
emacs-pretest-23.2.92
emacs-pretest-23.2.93
emacs-pretest-23.2.93.1
emacs-pretest-23.2.94
emacs-pretest-23.3.90
emacs-pretest-24.*
emacs-pretest-24.0.05
emacs-pretest-24.0.90
emacs-pretest-24.0.91
emacs-pretest-24.0.92
emacs-pretest-24.0.93
emacs-pretest-24.0.94
emacs-pretest-24.0.95
mh-e-8.*
mh-e-8.0
mh-e-8.0.1
mh-e-8.0.2
mh-e-8.0.3
mh-e-8.1
mh-e-8.2
mh-e-8.2.90
mh-e-8.2.91
mh-e-8.2.92
mh-e-8.2.93
mh-e-8.3
mh-e-8.3.1
mh-e-8.4
mh-e-8.5
mh-e-8.6
mh-e-doc-8.*
mh-e-doc-8.0
mh-e-doc-8.0.1
mh-e-doc-8.0.3
mh-e-doc-8.1
mh-e-doc-8.2
mh-e-doc-8.3
mh-e-doc-8.4
mh-e-doc-8.5
Other
ttn-vms-21-2-B4
CVE-2024-30203 - OSV