CVE-2024-30203

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-30203
In Emacs before 29.3, Gnus treats inline MIME contents as trusted.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
http://www.openwall.com/lists/oss-security/2024/03/25/2 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/08/3 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/08/4 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/08/6 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/08/7 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/10/3 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/10/4 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/10/5 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/10/6 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/11/4 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/11/5 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/11/6 Mailing List
https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=937b9042ad7426acdcca33e3d931d8f495bdd804 Patch
https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29 Release Notes
https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html Mailing List
https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html Mailing List
http://www.openwall.com/lists/oss-security/2024/03/25/2 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/08/3 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/08/4 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/08/6 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/08/7 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/10/3 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/10/4 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/10/5 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/10/6 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/11/4 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/11/5 Mailing List
http://www.openwall.com/lists/oss-security/2024/04/11/6 Mailing List
https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=937b9042ad7426acdcca33e3d931d8f495bdd804 Patch
https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29 Release Notes
https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html Mailing List
https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html Mailing List
Configurations

Configuration 1 (hide)

cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:gnu:org_mode:*:*:*:*:*:gnu_emacs:*:*

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
History

01 May 2025, 14:33

Type Values Removed Values Added
References () http://www.openwall.com/lists/oss-security/2024/03/25/2 - () http://www.openwall.com/lists/oss-security/2024/03/25/2 - Mailing List
References () http://www.openwall.com/lists/oss-security/2024/04/08/3 - () http://www.openwall.com/lists/oss-security/2024/04/08/3 - Mailing List
References () http://www.openwall.com/lists/oss-security/2024/04/08/4 - () http://www.openwall.com/lists/oss-security/2024/04/08/4 - Mailing List
References () http://www.openwall.com/lists/oss-security/2024/04/08/6 - () http://www.openwall.com/lists/oss-security/2024/04/08/6 - Mailing List
References () http://www.openwall.com/lists/oss-security/2024/04/08/7 - () http://www.openwall.com/lists/oss-security/2024/04/08/7 - Mailing List
References () http://www.openwall.com/lists/oss-security/2024/04/10/3 - () http://www.openwall.com/lists/oss-security/2024/04/10/3 - Mailing List
References () http://www.openwall.com/lists/oss-security/2024/04/10/4 - () http://www.openwall.com/lists/oss-security/2024/04/10/4 - Mailing List
References () http://www.openwall.com/lists/oss-security/2024/04/10/5 - () http://www.openwall.com/lists/oss-security/2024/04/10/5 - Mailing List
References () http://www.openwall.com/lists/oss-security/2024/04/10/6 - () http://www.openwall.com/lists/oss-security/2024/04/10/6 - Mailing List
References () http://www.openwall.com/lists/oss-security/2024/04/11/4 - () http://www.openwall.com/lists/oss-security/2024/04/11/4 - Mailing List
References () http://www.openwall.com/lists/oss-security/2024/04/11/5 - () http://www.openwall.com/lists/oss-security/2024/04/11/5 - Mailing List
References () http://www.openwall.com/lists/oss-security/2024/04/11/6 - () http://www.openwall.com/lists/oss-security/2024/04/11/6 - Mailing List
References () https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=937b9042ad7426acdcca33e3d931d8f495bdd804 - () https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=937b9042ad7426acdcca33e3d931d8f495bdd804 - Patch
References () https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29 - () https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29 - Release Notes
References () https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html - () https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html - Mailing List
References () https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html - () https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html - Mailing List
CWE NVD-CWE-noinfo
First Time Gnu org Mode
Gnu
Gnu emacs
Debian
Debian debian Linux
CPE cpe:2.3:a:gnu:org_mode:*:*:*:*:*:gnu_emacs:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*

21 Nov 2024, 09:11

Type Values Removed Values Added
References () http://www.openwall.com/lists/oss-security/2024/03/25/2 - () http://www.openwall.com/lists/oss-security/2024/03/25/2 -
References () http://www.openwall.com/lists/oss-security/2024/04/08/3 - () http://www.openwall.com/lists/oss-security/2024/04/08/3 -
References () http://www.openwall.com/lists/oss-security/2024/04/08/4 - () http://www.openwall.com/lists/oss-security/2024/04/08/4 -
References () http://www.openwall.com/lists/oss-security/2024/04/08/6 - () http://www.openwall.com/lists/oss-security/2024/04/08/6 -
References () http://www.openwall.com/lists/oss-security/2024/04/08/7 - () http://www.openwall.com/lists/oss-security/2024/04/08/7 -
References () http://www.openwall.com/lists/oss-security/2024/04/10/3 - () http://www.openwall.com/lists/oss-security/2024/04/10/3 -
References () http://www.openwall.com/lists/oss-security/2024/04/10/4 - () http://www.openwall.com/lists/oss-security/2024/04/10/4 -
References () http://www.openwall.com/lists/oss-security/2024/04/10/5 - () http://www.openwall.com/lists/oss-security/2024/04/10/5 -
References () http://www.openwall.com/lists/oss-security/2024/04/10/6 - () http://www.openwall.com/lists/oss-security/2024/04/10/6 -
References () http://www.openwall.com/lists/oss-security/2024/04/11/4 - () http://www.openwall.com/lists/oss-security/2024/04/11/4 -
References () http://www.openwall.com/lists/oss-security/2024/04/11/5 - () http://www.openwall.com/lists/oss-security/2024/04/11/5 -
References () http://www.openwall.com/lists/oss-security/2024/04/11/6 - () http://www.openwall.com/lists/oss-security/2024/04/11/6 -
References () https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=937b9042ad7426acdcca33e3d931d8f495bdd804 - () https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=937b9042ad7426acdcca33e3d931d8f495bdd804 -
References () https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29 - () https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29 -
References () https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html - () https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html -
References () https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html - () https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html -

07 Nov 2024, 11:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5

01 May 2024, 18:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2024/04/08/3 -
  • () http://www.openwall.com/lists/oss-security/2024/04/08/6 -
  • () http://www.openwall.com/lists/oss-security/2024/04/08/7 -
  • () http://www.openwall.com/lists/oss-security/2024/04/10/5 -
  • () http://www.openwall.com/lists/oss-security/2024/04/10/6 -

01 May 2024, 17:15

Type Values Removed Values Added
References
  • () http://www.openwall.com/lists/oss-security/2024/03/25/2 -
  • () http://www.openwall.com/lists/oss-security/2024/04/08/4 -
  • () http://www.openwall.com/lists/oss-security/2024/04/10/3 -
  • () http://www.openwall.com/lists/oss-security/2024/04/10/4 -
  • () http://www.openwall.com/lists/oss-security/2024/04/11/4 -
  • () http://www.openwall.com/lists/oss-security/2024/04/11/5 -
  • () http://www.openwall.com/lists/oss-security/2024/04/11/6 -

30 Apr 2024, 10:15

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html -

29 Apr 2024, 14:15

Type Values Removed Values Added
References
  • () https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html -

25 Mar 2024, 15:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-03-25 15:15

Updated : 2025-05-01 14:33

NVD link : CVE-2024-30203

Mitre link : CVE-2024-30203

CVE.ORG link : CVE-2024-30203

JSON object : View

Products Affected

debian

  • debian_linux

gnu

  • emacs
  • org_mode
CWE
NVD-CWE-noinfo