Vulnerability Database
Blog
FAQ
Docs
CVE-2024-30203
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-30203
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-30203.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-30203
Related
ALSA-2024:6987
DLA-3801-1
DLA-3802-1
RHSA-2024:6987
RHSA-2024:9302
RLSA-2024:9302
SUSE-SU-2024:1294-1
SUSE-SU-2024:1317-1
SUSE-SU-2024:2297-1
UBUNTU-CVE-2024-30203
USN-7027-1
Published
2024-03-25T15:15:52Z
Modified
2024-11-07T13:39:27.696385Z
Summary
[none]
Details
In Emacs before 29.3, Gnus treats inline MIME contents as trusted.
References
http://www.openwall.com/lists/oss-security/2024/03/25/2
http://www.openwall.com/lists/oss-security/2024/04/08/3
http://www.openwall.com/lists/oss-security/2024/04/08/4
http://www.openwall.com/lists/oss-security/2024/04/08/6
http://www.openwall.com/lists/oss-security/2024/04/08/7
http://www.openwall.com/lists/oss-security/2024/04/10/3
http://www.openwall.com/lists/oss-security/2024/04/10/4
http://www.openwall.com/lists/oss-security/2024/04/10/5
http://www.openwall.com/lists/oss-security/2024/04/10/6
http://www.openwall.com/lists/oss-security/2024/04/11/4
http://www.openwall.com/lists/oss-security/2024/04/11/5
http://www.openwall.com/lists/oss-security/2024/04/11/6
https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=937b9042ad7426acdcca33e3d931d8f495bdd804
https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29
https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html
https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html
https://security-tracker.debian.org/tracker/CVE-2024-30203
Affected packages
Debian:11
/
emacs
Package
Name
emacs
Purl
pkg:deb/debian/emacs?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:27.1+1-3.1+deb11u3
Affected versions
1:27.*
1:27.1+1-3.1
1:27.1+1-3.1+deb11u1
1:27.1+1-3.1+deb11u2
Ecosystem specific
{ "urgency": "not yet assigned" }
Debian:12
/
emacs
Package
Name
emacs
Purl
pkg:deb/debian/emacs?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:28.2+1-15+deb12u1
Affected versions
1:28.*
1:28.2+1-15
Ecosystem specific
{ "urgency": "not yet assigned" }
Debian:13
/
emacs
Package
Name
emacs
Purl
pkg:deb/debian/emacs?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1:29.3+1-1
Affected versions
1:28.*
1:28.2+1-15
1:28.2+1-16
1:29.*
1:29.1+1-1
1:29.1+1-2
1:29.1+1-3
1:29.1+1-4
1:29.1+1-5~bpo12+1
1:29.1+1-5
1:29.2+1-1
1:29.2+1-2~bpo12+1
1:29.2+1-2
Ecosystem specific
{ "urgency": "not yet assigned" }
Debian:11
/
org-mode
Package
Name
org-mode
Purl
pkg:deb/debian/org-mode?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
9.4.0+dfsg-1+deb11u2
Affected versions
9.*
9.4.0+dfsg-1
9.4.0+dfsg-1+deb11u1
Ecosystem specific
{ "urgency": "not yet assigned" }
Debian:12
/
org-mode
Package
Name
org-mode
Purl
pkg:deb/debian/org-mode?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Affected versions
9.*
9.5.2+dfsh-5
9.6.6+dfsg-1~exp1
9.6.7+dfsg-1
9.6.8+dfsg-1
9.6.9+dfsg-1
9.6.10+dfsg-1
9.6.21+dfsg-1
9.6.23+dfsg-1
9.6.28+dfsg-1
9.7.5+dfsg-1
9.7.6+dfsg-1
9.7.6+dfsg-2
9.7.11+dfsg-1
9.7.13+dfsg-1
9.7.15+dfsg-1
Ecosystem specific
{ "urgency": "not yet assigned" }
Debian:13
/
org-mode
Package
Name
org-mode
Purl
pkg:deb/debian/org-mode?arch=source
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
9.6.23+dfsg-1
Affected versions
9.*
9.5.2+dfsh-5
9.6.6+dfsg-1~exp1
9.6.7+dfsg-1
9.6.8+dfsg-1
9.6.9+dfsg-1
9.6.10+dfsg-1
9.6.21+dfsg-1
Ecosystem specific
{ "urgency": "not yet assigned" }
CVE-2024-30203 - OSV