org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters.
References
Configurations
History
07 Nov 2023, 04:10
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
12 Oct 2023, 13:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2023-03-19 03:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-28617
Mitre link : CVE-2023-28617
CVE.ORG link : CVE-2023-28617
JSON object : View
Products Affected
gnu
- org_mode
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')