VDB

GCVE-110-MAGEIA-2022-457

GCVE-110-MAGEIA-2022-457
Advisory Published
Vulnetix · Advisory published December 13, 2022
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working directory has contents that depend on untrusted input. (CVE-2022-45939)

Affected Products

VendorProductVersionsPlatforms
Mageiaemacs0 (affected), 27.1-1.2.mga8 (unaffected)

Browse GCVE Records

73,866 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›