VDB
DEBIAN-CVE-2023-28617
DEBIAN-CVE-2023-28617
PUBLISHED
CVSS 7.800000190734863 HIGH
org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters.
Risk Scores
CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | org-mode | 0, 0, 0 |
| Debian:14 | emacs | 0, 0, 0 |
| Debian:11 | org-mode | 0, *, * |
| Debian:12 | emacs | 0, 0, 0 |
| Debian:13 | org-mode | 0, 0, 0 |
| Debian:12 | org-mode | 0, 0, 0 |
| Debian:11 | emacs | 1:27.1+1-3.1+deb11u3, 1:27.1+1-3.1+deb11u4, * |
| Debian:13 | emacs | 0, 0, 0 |
Timeline
- Mar 19, 2023 CVE Published
- Apr 28, 2026 CVE Updated