Vulnerabilities > GNU > Emacs > 27.2

DATE CVE VULNERABILITY TITLE RISK
2023-02-20 CVE-2022-48337 OS Command Injection vulnerability in multiple products
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program.
network
low complexity
gnu debian CWE-78
critical
 9.8
9.8
2023-02-20 CVE-2022-48338 Command Injection vulnerability in GNU Emacs
An issue was discovered in GNU Emacs through 28.2.
local
low complexity
gnu CWE-77
7.3
7.3
2023-02-20 CVE-2022-48339 Improper Encoding or Escaping of Output vulnerability in GNU Emacs
An issue was discovered in GNU Emacs through 28.2.
local
low complexity
gnu CWE-116
7.8
7.8
2022-11-28 CVE-2022-45939 OS Command Injection vulnerability in multiple products
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program.
local
low complexity
gnu debian fedoraproject CWE-78
7.8
7.8