{"id":"CVE-2024-30205","details":"In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.","modified":"2026-03-20T04:32:06.225151Z","published":"2024-03-25T15:15:52.567Z","related":["ALSA-2024:6987","MGASA-2024-0104","SUSE-SU-2024:1294-1","SUSE-SU-2024:1317-1","SUSE-SU-2024:2297-1"],"references":[{"type":"ADVISORY","url":"https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"},{"type":"FIX","url":"https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=2bc865ace050ff118db43f01457f95f95112b877"},{"type":"FIX","url":"https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=4255d5dcc0657915f90e4fba7e0a5514cced514d"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2024/03/25/2"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://cgit.git.savannah.gnu.org/cgit/emacs/org-mode.git","events":[{"introduced":"0"},{"fixed":"4255d5dcc0657915f90e4fba7e0a5514cced514d"}]},{"type":"GIT","repo":"https://git.savannah.gnu.org/git/emacs/org-mode.git/","events":[{"introduced":"0"},{"fixed":"5ff4d54c6fa527f478035467ffe0a82a81a92320"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"9.6.23"}]}}],"versions":["5.23a","6.26b","7.8.05","7.9.3e","beta_8.3","d","rel519","release_","release_4.12a","release_4.13","release_4.19a","release_4.19b","release_4.20","release_4.21","release_4.22","release_4.23","release_4.24","release_4.26","release_4.27","release_4.28","release_4.29","release_4.30","release_4.33","release_4.34","release_4.36","release_4.37","release_4.40","release_4.41","release_4.42","release_4.43","release_4.44","release_4.45","release_4.46","release_4.48","release_4.50","release_4.51","release_4.52","release_4.53","release_4.54","release_4.55","release_4.56","release_4.57","release_4.58","release_4.59","release_4.60","release_4.61","release_4.62","release_4.64","release_4.65","release_4.66","release_4.67","release_4.68","release_4.69","release_4.70","release_4.71","release_4.72","release_4.74","release_4.75","release_4.76","release_4.77","release_4.78","release_4.79","release_5.01","release_5.01b","release_5.02","release_5.03","release_5.03n","release_5.04","release_5.05","release_5.06","release_5.06b","release_5.06c","release_5.06d","release_5.06e","release_5.07","release_5.07a","release_5.10a","release_5.10b","release_5.11","release_5.11b","release_5.12","release_5.12b","release_5.12c","release_5.13","release_5.13a","release_5.13c","release_5.13d","release_5.13e","release_5.13g","release_5.13h","release_5.13i","release_5.14","release_5.15","release_5.15a","release_5.16","release_5.16a","release_5.16b","release_5.17","release_5.17a","release_5.18","release_5.18a","release_5.19","release_5.19a","release_5.20","release_5.21","release_5.22","release_5.22a","release_5.23a","release_6.01","release_6.01a","release_6.01b","release_6.01c","release_6.02","release_6.02a","release_6.02b","release_6.03","release_6.04","release_6.04a","release_6.04b","release_6.04c","release_6.05","release_6.05a","release_6.05b","release_6.06","release_6.06a","release_6.06b","release_6.07","release_6.07a","release_6.07b","release_6.08","release_6.08a","release_6.08c","release_6.09","release_6.09a","release_6.10","release_6.10a","release_6.10b","release_6.10c","release_6.11","release_6.11a","release_6.11b","release_6.11c","release_6.12","release_6.12a","release_6.12b","release_6.13","release_6.13a","release_6.14","release_6.15","release_6.15a","release_6.15b","release_6.15c","release_6.15d","release_6.15f","release_6.16","release_6.16a","release_6.16b","release_6.16c","release_6.17","release_6.17a","release_6.17b","release_6.17c","release_6.18","release_6.18a","release_6.18b","release_6.18c","release_6.19","release_6.19a","release_6.19b","release_6.19c","release_6.19d","release_6.19e","release_6.20","release_6.20a","release_6.20b","release_6.20c","release_6.20d","release_6.20e","release_6.20f","release_6.20g","release_6.20h","release_6.20i","release_6.21","release_6.21a","release_6.21b","release_6.22","release_6.22a","release_6.22b","release_6.23","release_6.23a","release_6.23b","release_6.24","release_6.24a","release_6.24b","release_6.24c","release_6.25","release_6.25a","release_6.25b","release_6.25c","release_6.25d","release_6.26","release_6.26a","release_6.26b","release_6.26c","release_6.26d","release_6.27","release_6.27a","release_6.28","release_6.28a","release_6.28b","release_6.28c","release_6.28d","release_6.29","release_6.29a","release_6.29b","release_6.29c","release_6.30","release_6.30a","release_6.30b","release_6.30c","release_6.30d","release_6.31","release_6.32","release_6.32a","release_6.32b","release_6.33","release_6.33a","release_6.33b","release_6.33c","release_6.33d","release_6.33e","release_6.33f","release_6.34","release_6.34a","release_6.34b","release_6.34c","release_6.35","release_6.35a","release_6.35b","release_6.35c","release_6.35d","release_6.35e","release_6.35f","release_6.35g","release_6.36","release_7.01","release_7.01b","release_7.01e","release_7.01f","release_7.01g","release_7.01h","release_7.02","release_7.3","release_7.4","release_7.5","release_7.6","release_7.7","release_7.8","release_7.8.01","release_7.8.02","release_7.8.03","release_7.8.04","release_7.8.05","release_7.8.06","release_7.8.07","release_7.8.08","release_7.8.09","release_7.8.10","release_7.8.11","release_7.9","release_7.9.1","release_7.9.2","release_7.9.3","release_7.9.3a","release_7.9.3b","release_7.9.3c","release_7.9.3d","release_7.9.3f","release_7.9.4","release_8.0","release_8.0-alpha","release_8.0-beta","release_8.0-pre","release_8.0.1","release_8.0.2","release_8.0.3","release_8.0.4","release_8.0.5","release_8.0.6","release_8.0.7","release_8.1","release_8.1.1","release_8.1.2","release_8.2","release_8.2.1","release_8.2.10","release_8.2.2","release_8.2.3","release_8.2.3a","release_8.2.3b","release_8.2.3c","release_8.2.4","release_8.2.5","release_8.2.5a","release_8.2.5b","release_8.2.5c","release_8.2.5d","release_8.2.5e","release_8.2.5f","release_8.2.5g","release_8.2.5h","release_8.2.6","release_8.2.7","release_8.2.7a","release_8.2.7b","release_8.2.7c","release_8.2.8","release_8.2.9","release_8.3","release_8.3.1","release_8.3.2","release_8.3.3","release_8.3.4","release_8.3.5","release_8.3.6","release_8.3beta","release_9.0","release_9.0.1","release_9.0.10","release_9.0.2","release_9.0.3","release_9.0.4","release_9.0.5","release_9.0.6","release_9.0.7","release_9.0.8","release_9.0.9","release_9.1","release_9.1.1","release_9.1.10","release_9.1.11","release_9.1.12","release_9.1.13","release_9.1.14","release_9.1.2","release_9.1.3","release_9.1.4","release_9.1.5","release_9.1.6","release_9.1.7","release_9.1.8","release_9.1.9","release_9.2","release_9.2.1","release_9.2.2","release_9.2.3","release_9.2.4","release_9.2.5","release_9.2.6","release_9.3","release_9.3.1","release_9.3.2","release_9.3.3","release_9.3.4","release_9.3.5","release_9.3.6","release_9.3.7","release_9.3.8","release_9.4","release_9.4.1","release_9.4.2","release_9.4.3","release_9.4.4","release_9.4.5","release_9.4.6","release_9.5","release_9.5.1","release_9.5.2","release_9.5.3","release_9.5.4","release_9.5.5","release_9.6","release_9.6.1","release_9.6.10","release_9.6.11","release_9.6.12","release_9.6.13","release_9.6.14","release_9.6.15","release_9.6.16","release_9.6.17","release_9.6.18","release_9.6.19","release_9.6.2","release_9.6.20","release_9.6.21","release_9.6.22","release_9.6.3","release_9.6.4","release_9.6.5","release_9.6.6","release_9.6.7","release_9.6.8","release_9.6.9"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-30205.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"29.3"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"}]}