In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23.

The version of emacs installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-30202 advisory.

  - In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org     Mode before 9.6.23. (CVE-2024-30202)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of emacs installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-30202 advisory.

  - In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org     Mode before 9.6.23. (CVE-2024-30202)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote host is affected by the vulnerability described in GLSA-202407-08 (GNU Emacs, Org Mode: Multiple Vulnerabilities)

    Multiple vulnerabilities have been discovered in GNU Emacs. Please review the CVE identifiers referenced     below for details.

Tenable has extracted the preceding description block directly from the Gentoo Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-584 advisory.

    In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org     Mode before 9.6.23. (CVE-2024-30202)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the f661184a-eb90-11ee-92fc-1c697a616631 advisory.

  - In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org     Mode before 9.6.23. (CVE-2024-30202)

  - In Emacs before 29.3, Gnus treats inline MIME contents as trusted. (CVE-2024-30203)

  - In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments. (CVE-2024-30204)

  - In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode     before 9.6.23. (CVE-2024-30205)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
215878	Azure Linux 3.0 Security Update: emacs (CVE-2024-30202)	Nessus	Azure Linux Local Security Checks	high
201602	CBL Mariner 2.0 Security Update: emacs (CVE-2024-30202)	Nessus	MarinerOS Local Security Checks	high
201186	GLSA-202407-08 : GNU Emacs, Org Mode: Multiple Vulnerabilities	Nessus	Gentoo Local Security Checks	critical
193439	Amazon Linux 2023 : emacs, emacs-common, emacs-devel (ALAS2023-2024-584)	Nessus	Amazon Linux Local Security Checks	high
192595	FreeBSD : emacs -- multiple vulnerabilities (f661184a-eb90-11ee-92fc-1c697a616631)	Nessus	FreeBSD Local Security Checks	high

Detections

Analytics

CVE-2024-30202

high

Tenable Plugins

high

high

critical

high

high