Exploit Report

Exploit Report

Computer Security And Bug Information

CVE-2023-28617

Last Updated: March 23, 2023
CVECVE-2023-28617
CVE Title
Published Date2023-03-19T03:15Z
Modified Date2023-03-23T14:08Z
CWE TypeCWE-78
CVSS 3.xCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Descriptionorg-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters.
References
By clicking these links you will leave this website. We do not endorse and will not be held accountable for any activity on external sites.
Reference URLhttps://list.orgmode.org/[email protected]/T/#m6ef8e7d34b25fe17b4cbb655b161edce18c6655e
Reference DescriptionMISC https://list.orgmode.org/[email protected]/T/#m6ef8e7d34b25fe17b4cbb655b161edce18c6655e
Reference URLhttps://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=8f8ec2ccf3f5ef8f38d68ec84a7e4739c45db485
Reference DescriptionMISC https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=8f8ec2ccf3f5ef8f38d68ec84a7e4739c45db485
Reference URLhttps://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=a8006ea580ed74f27f974d60b598143b04ad1741
Reference DescriptionMISC https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=a8006ea580ed74f27f974d60b598143b04ad1741
TagsMailing List Patch Vendor Advisory
Sources NIST MITRE

This site's data is aggregated programmatically and provided "as is" without any representations or warranties, express or implied. Exploit.report is not affiliated with the The MITRE Corporation, U.S. Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), or US government in any way. CVE and the CVE logo are registered trademarks of The MITRE Corporation

© 2022 Exploit.Report | Data | Contact | Privacy Policy | Articles