Vulnerabilities

CVE-2024-39331

by Fred · 23/06/2024

In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(…) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5.

More information : https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29

Similar

Tags: Cybersecurity Alert