Medium severity5.5NVD Advisory· Published Oct 31, 2017· Updated May 13, 2026

CVE-2017-1000383

Description

GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file ("[ORIGINAL_FILENAME]~") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.openwall.com/lists/oss-security/2017/10/31/1nvdMailing ListThird Party Advisory
www.securityfocus.com/bid/101671nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000