CVE-2023-27985 in Emacsinfo

Summary

emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification.

Reservation

03/09/2023

Disclosure

03/09/2023

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
222640	Emacs Mailto URI emacsclient-mail.desktop os command injection	78	Not defined	Official fix	CVE-2023-27985

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Do you need the next level of professionalism?

Upgrade your account now!