emacs (SUSE:Linux Enterprise Server 15 SP3-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 15 SP3-LTSS package emacs, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2022-48337 — CVSS 9.8 (critical): GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because…
CVE-2024-39331 — CVSS 9.8 (critical): In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as…
CVE-2025-1244 — CVSS 8.8 (high): A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell…
CVE-2022-48339 — CVSS 7.8 (high): An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command…
CVE-2024-30205 — CVSS 7.1 (high): In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.