CVE-2024-30203

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Emacs versions prior to 29.3

Description The issue concerns how Gnus in Emacs handles inline MIME contents, treating them as trusted. This could potentially lead to security issues, although specific details about exploitation or affected devices are not provided.

Recommendations For versions prior to 29.3, update to version 29.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of Gnus for handling inline MIME contents until the update is applied.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-501CWE-829

Related Identifiers

ALSA-2024:6987

AZL-37081

AZL-37104

BDU:2025-16175

CESA-2024_6987

CVE-2024-30203

DLA-3801-1

DLA-3802-1

INFSA-2024_6987

INFSA-2024_9302

MGASA-2024-0104

OPENSUSE-SU-2024_1294-1

RHSA-2024:6987

RHSA-2024:9302

RHSA-2024_6987

RHSA-2024_9302

RLSA-2024:9302

SUSE-SU-2024:1294-1

SUSE-SU-2024:1317-1

SUSE-SU-2024:2297-1

SUSE-SU-2024_1294-1

SUSE-SU-2024_1317-1

SUSE-SU-2024_2297-1

USN-7027-1

Affected Products

Almalinux

Astra Linux

Centos

Debian

Emacs

Linuxmint

Red Hat

Rocky Linux

Suse

Ubuntu

CVE-2024-30203

Weakness Enumeration

Related Identifiers

Affected Products

References · 87