Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
There is no an existing or known mitigation for this issue without disabling part of the Emacs core functionality. However, by avoiding opening or view untrusted files, websites, HTTP URLs or other URI resources with Emacs would reduce or prevent the risk of performing this attack successfully.
Wed, 16 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Sat, 12 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Fri, 11 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Thu, 22 May 2025 11:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/o:redhat:enterprise_linux:10 |
Thu, 13 Mar 2025 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat openshift Builds
|
|
CPEs | cpe:/a:redhat:openshift_builds:1.3::el9 | |
Vendors & Products |
Redhat openshift Builds
|
|
References |
|
Tue, 04 Mar 2025 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_eus:9.4 |
Tue, 04 Mar 2025 08:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_eus:9.4::appstream | |
References |
|
Tue, 04 Mar 2025 03:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_aus:8.2 |
Mon, 03 Mar 2025 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Els
|
|
CPEs | cpe:/o:redhat:rhel_els:7 | |
Vendors & Products |
Redhat rhel Els
|
|
References |
|
Mon, 03 Mar 2025 18:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/o:redhat:rhel_aus:8.2::baseos |
|
References |
|
Mon, 03 Mar 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_aus:8.4 cpe:/a:redhat:rhel_aus:8.6 cpe:/a:redhat:rhel_e4s:8.4 cpe:/a:redhat:rhel_e4s:8.6 cpe:/a:redhat:rhel_e4s:9.0 cpe:/a:redhat:rhel_eus:8.8 cpe:/a:redhat:rhel_eus:9.2 cpe:/a:redhat:rhel_tus:8.4 cpe:/a:redhat:rhel_tus:8.6 |
Mon, 03 Mar 2025 11:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_e4s:9.0::appstream | |
References |
|
Mon, 03 Mar 2025 08:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_eus:8.8::appstream cpe:/o:redhat:rhel_eus:8.8::baseos |
|
References |
|
Mon, 03 Mar 2025 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Eus
|
|
CPEs | cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_eus:9.2::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/o:redhat:rhel_aus:8.4::baseos cpe:/o:redhat:rhel_e4s:8.4::baseos cpe:/o:redhat:rhel_tus:8.4::baseos |
|
Vendors & Products |
Redhat rhel Eus
|
|
References |
|
Mon, 03 Mar 2025 01:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Tus |
|
CPEs | cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/o:redhat:rhel_aus:8.6::baseos cpe:/o:redhat:rhel_e4s:8.6::baseos cpe:/o:redhat:rhel_tus:8.6::baseos |
|
Vendors & Products |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Tus |
|
References |
|
Sat, 01 Mar 2025 21:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Sat, 01 Mar 2025 06:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Thu, 27 Feb 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:8 cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:8 |
Thu, 27 Feb 2025 11:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:8::appstream cpe:/o:redhat:enterprise_linux:8::baseos |
|
References |
|
Thu, 27 Feb 2025 10:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:9::appstream | |
References |
|
Wed, 19 Feb 2025 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A flaw was found in the Emacs text editor. Improper handling of custom "man" URI schemes allows attackers to execute arbitrary shell commands by tricking users into visiting a specially crafted website or an HTTP URL with a redirect. | A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect. |
Wed, 12 Feb 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 12 Feb 2025 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | A flaw was found in the Emacs text editor. Improper handling of custom "man" URI schemes allows attackers to execute arbitrary shell commands by tricking users into visiting a specially crafted website or an HTTP URL with a redirect. |
Title | emacs: Shell Injection Vulnerability in GNU Emacs via Custom "man" URI Scheme | Emacs: shell injection vulnerability in gnu emacs via custom "man" uri scheme |
First Time appeared |
Redhat
Redhat enterprise Linux |
|
CPEs | cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat enterprise Linux |
|
References |
|
Wed, 12 Feb 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | |
Title | emacs: Shell Injection Vulnerability in GNU Emacs via Custom "man" URI Scheme | |
Weaknesses | CWE-78 | |
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-09-25T17:20:59.647Z
Reserved: 2025-02-12T07:32:23.452Z
Link: CVE-2025-1244

Updated: 2025-03-01T21:02:26.923Z

Status : Awaiting Analysis
Published: 2025-02-12T15:15:18.430
Modified: 2025-03-13T14:15:34.977
Link: CVE-2025-1244


No data.