CVE-2020-15215 (GCVE-0-2020-15215)

Vulnerability from cvelistv5 – Published: 2020-10-06 18:00 – Updated: 2024-08-04 13:08
VLAI?
Summary
Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions.
Severity ?
5.6 (Medium)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE
  • CWE-693 - Protection Mechanism Failure
  • CWE-668 - Exposure of Resource to Wrong Sphere
Assigner
References
Impacted products
Vendor Product Version
electron electron Affected: >= 8.0.0-beta.0, < 8.5.2
Affected: >= 9.0.0-beta.0, < 9.3.1
Affected: >= 10.0.0-beta.0, < 10.1.2
Affected: >= 11.0.0-beta.0, < 11.0.0-beta.6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:08:22.830Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "electron",
          "vendor": "electron",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 8.0.0-beta.0, \u003c 8.5.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 9.0.0-beta.0, \u003c 9.3.1"
            },
            {
              "status": "affected",
              "version": "\u003e= 10.0.0-beta.0, \u003c 10.1.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 11.0.0-beta.0, \u003c 11.0.0-beta.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693 Protection Mechanism Failure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-668",
              "description": "CWE-668 Exposure of Resource to Wrong Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-06T18:00:17",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8"
        }
      ],
      "source": {
        "advisory": "GHSA-56pc-6jqp-xqj8",
        "discovery": "UNKNOWN"
      },
      "title": "Context isolation bypass in Electron",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2020-15215",
          "STATE": "PUBLIC",
          "TITLE": "Context isolation bypass in Electron"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "electron",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003e= 8.0.0-beta.0, \u003c 8.5.2"
                          },
                          {
                            "version_value": "\u003e= 9.0.0-beta.0, \u003c 9.3.1"
                          },
                          {
                            "version_value": "\u003e= 10.0.0-beta.0, \u003c 10.1.2"
                          },
                          {
                            "version_value": "\u003e= 11.0.0-beta.0, \u003c 11.0.0-beta.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "electron"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-693 Protection Mechanism Failure"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-668 Exposure of Resource to Wrong Sphere"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8",
              "refsource": "CONFIRM",
              "url": "https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-56pc-6jqp-xqj8",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2020-15215",
    "datePublished": "2020-10-06T18:00:17",
    "dateReserved": "2020-06-25T00:00:00",
    "dateUpdated": "2024-08-04T13:08:22.830Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.0.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F890386-0034-4831-88D2-FDAFCD7F0E86\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.0.0:beta0:*:*:*:*:*:*\", \"matchCriteriaId\": \"CAE00E66-4F55-4A96-9AF6-DF0212A57052\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.0.0:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B080C8F3-3715-4FB1-AFB0-D43D498AC010\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.0.0:beta2:*:*:*:*:*:*\", \"matchCriteriaId\": \"EF0D930E-1018-46EB-8002-C73A97EF902D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.0.0:beta3:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED9C844C-14ED-4371-BE21-16EC7F7824E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.0.0:beta4:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF26C943-D81E-45EA-902D-62C9973AC8A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.0.0:beta5:*:*:*:*:*:*\", \"matchCriteriaId\": \"907D7F4B-BFA1-43D7-87A7-771D8CAA5637\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.0.0:beta6:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8B505B2-E756-4621-80F8-D59B0AB567BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.0.0:beta7:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF99DB03-5FC2-4FD9-9C18-F18F03FC7A74\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.0.0:beta8:*:*:*:*:*:*\", \"matchCriteriaId\": \"21851053-E851-4B7D-924F-602077DFE071\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.0.0:beta9:*:*:*:*:*:*\", \"matchCriteriaId\": \"B48F49CE-4D63-454A-92B0-51655F5473A1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.0.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"B07BDAF8-F28F-4B1C-B135-BDB0322289D7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.0.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E19D2FD-F800-4966-A3F8-11FC843089BA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.0.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"11F9629D-D8EB-418A-BDD4-AF21034CF665\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.1.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A97B7D2-5A5A-4C2F-9926-0CFAEA12D33A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.1.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E4FD779-32BF-43E0-99F0-C6B3E084D83D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.2.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4010776-46D9-4E73-B2BC-6A736E0D192D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.2.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"68C4E052-46E3-4152-B95A-A8C26330AA46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.2.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"F03D63BE-0BB0-4492-9CED-AB97454257D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.2.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"68489F71-36D5-4947-94CF-740D70028948\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.2.4:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"14AC17C6-3780-4779-A95A-1DAAD799FE3E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.2.5:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0B61270-F062-4286-BFE4-D90251264B41\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.3.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"97237970-8734-45F5-A77C-71E9189FEB15\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.3.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"7482B3C9-3568-4E7F-B4B9-85E1ABD96A1F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.3.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D4D6ACF-8EB1-4058-9052-055C151D066E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.3.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A9B536A-1CDD-414C-8C49-11466C7A131A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.3.4:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"43C61192-2258-466B-B222-225C99983355\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.4.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3D2AA53-DCC7-40F9-9BA6-BC27B73EACC8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.4.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"B022C207-380A-4D1F-B710-F97AD68EB62D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.5.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA36A42A-5DFE-4A92-B9E9-E2FAB651439D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:8.5.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"75B4DDBC-A3B3-4A5A-9D13-177D8E7459CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"87556FB9-4AEC-4C3A-8DF6-4480728C8605\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta0:*:*:*:*:*:*\", \"matchCriteriaId\": \"935D2315-3FF2-4402-8A83-A7362939E7AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB793B7F-1C9D-445D-A849-CB28577CA760\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta10:*:*:*:*:*:*\", \"matchCriteriaId\": \"0C340AA9-8D81-4927-9447-DFCF0DD385AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta11:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8DF366B-644E-4C43-9DF1-37F1ADD36532\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta12:*:*:*:*:*:*\", \"matchCriteriaId\": \"BAC64CED-4F36-4667-B909-4265DDEBDA3F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta13:*:*:*:*:*:*\", \"matchCriteriaId\": \"17574861-A808-406A-9B0D-403AD99EA160\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta14:*:*:*:*:*:*\", \"matchCriteriaId\": \"79CB734A-05B3-4388-BD8F-ECD3FD699D87\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta15:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E0E7E72-B138-4E09-BEE0-219643377314\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta16:*:*:*:*:*:*\", \"matchCriteriaId\": \"B19F82AA-3660-4AC5-920E-7E36534ADF36\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta17:*:*:*:*:*:*\", \"matchCriteriaId\": \"29850E51-1EB9-4E9E-9AAC-ACAC12CDCAB6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta18:*:*:*:*:*:*\", \"matchCriteriaId\": \"84544C05-24A7-4CDE-B6E1-EC05B6CD9836\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta19:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8AF3443-F01C-407F-BEE2-A8E601A09211\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta2:*:*:*:*:*:*\", \"matchCriteriaId\": \"F962D5DC-C4EE-42C0-9BA8-C17B5ADAE178\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta20:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB7A193D-7B1F-45F0-B385-DE8C75D7088D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta3:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BFFB27D-B11F-4F5B-8624-27042F8A664A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta4:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF67CE0D-79D8-4CCC-8152-6989D681B618\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta5:*:*:*:*:*:*\", \"matchCriteriaId\": \"965FE481-DC51-4123-B47A-4825E7231B33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta6:*:*:*:*:*:*\", \"matchCriteriaId\": \"AAC42DF7-3344-4C5C-B01A-B24F7C7FA47A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta7:*:*:*:*:*:*\", \"matchCriteriaId\": \"5CA4015A-6D70-490E-AEFD-1C64F582F9DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta8:*:*:*:*:*:*\", \"matchCriteriaId\": \"72B0EAB3-F11C-42B3-8F4A-3D4B652A2740\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.0:beta9:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2F409DE-D2A1-49A6-AA57-D735F4B07D29\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9F2D5B4-8BE8-4225-ABE7-385E6E796EF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"EC5FA64D-C502-43B2-AE3A-60900B938441\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"994B6421-EFF6-43E6-AF93-1ED493DD33D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.4:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFD0253D-47B6-4412-B1F4-4AD53636C903\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.5:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"96EDD4F1-A756-4937-A792-FFA60774F131\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.0.6:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C0AAB78-7E51-4E68-A64F-3E65346B87F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.1.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"3CF98CC1-9B45-463A-B342-763B2B35FCCB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.1.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC3A997F-4F2A-461E-A740-EF740F427034\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.1.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"203B5D41-86AE-4EB1-9623-201CE0259E0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.2.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"A6BA120D-1953-470A-9022-8C1365FDA033\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.2.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A544F21-ABCA-41A5-9D7A-0D19B2E3E41C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:9.3.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E3FB9AC-A471-461C-9C2D-3FEA3487A8F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"F91413A0-0820-4714-BF94-16FC961CC9F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"325AEE66-5BB3-4317-904C-CAEF33DA34F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta10:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD4B098E-D71A-4770-8A80-75FFCDE5E3A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta11:*:*:*:*:*:*\", \"matchCriteriaId\": \"D31F3B77-B1FA-4AF6-B78B-3591F0C34A7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta12:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A888965-E6AF-4514-83FE-9BFD098A601B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta13:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3C4D65F-592A-4BB6-8C76-2157AB4C2B21\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta14:*:*:*:*:*:*\", \"matchCriteriaId\": \"94ECDC48-11AC-45AA-9A4D-E24DB7713799\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta15:*:*:*:*:*:*\", \"matchCriteriaId\": \"806D6913-2852-406A-AF46-E5C7FE62C739\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta16:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EF21A1C-3BDF-40CB-9BAD-9192BBC845C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta17:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E63CACD-F4D7-42C5-97AC-295FEF4DEDCB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta18:*:*:*:*:*:*\", \"matchCriteriaId\": \"54D63BBE-11E5-4E25-BFF3-368653FAD8C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta19:*:*:*:*:*:*\", \"matchCriteriaId\": \"24071397-1BE9-42BC-8BE4-AA3E898BE02B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta2:*:*:*:*:*:*\", \"matchCriteriaId\": \"B72266CF-A2BE-4C6A-B7AB-9110C2672758\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta20:*:*:*:*:*:*\", \"matchCriteriaId\": \"747441F0-DD8C-47FD-B13C-6FEAFE79A160\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta21:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEFD1B8C-7777-42C1-BE27-1BC54CF7C65E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta22:*:*:*:*:*:*\", \"matchCriteriaId\": \"70F61C9A-104E-47E3-A46D-198651075460\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta23:*:*:*:*:*:*\", \"matchCriteriaId\": \"8DB5AC65-DCFA-4549-B08B-77AAAAC9248E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta24:*:*:*:*:*:*\", \"matchCriteriaId\": \"3DB704A9-DD31-400E-A4EE-1A32D0D415D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta25:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE4B1A04-EBB1-4C3E-9CE0-5CD487F27303\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta3:*:*:*:*:*:*\", \"matchCriteriaId\": \"782AD115-2503-4663-9DBC-64DC82C363CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta4:*:*:*:*:*:*\", \"matchCriteriaId\": \"C75A9CD8-0E3B-44CF-A828-A5DDD6EBD8B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta5:*:*:*:*:*:*\", \"matchCriteriaId\": \"9655B40F-53E5-4F7D-8D8D-85FCFDC3B1FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta6:*:*:*:*:*:*\", \"matchCriteriaId\": \"2419A888-4BF2-4548-8ACA-9550B276247E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta7:*:*:*:*:*:*\", \"matchCriteriaId\": \"353F51BC-7627-48C3-AFBD-E287D7FC9DF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta8:*:*:*:*:*:*\", \"matchCriteriaId\": \"95FE3E21-1A8A-45D6-B797-903F4D24A460\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.0:beta9:*:*:*:*:*:*\", \"matchCriteriaId\": \"BECA8D37-A00D-4CBA-9195-DAFA9CFE951D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.0.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"56DE863F-2D6B-482D-9445-3AA76DCD9B77\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.1.0:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1480FDF-4A57-4C08-A497-69010747562D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:10.1.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"37690A80-D6EC-40FA-ADE2-55B4011FB5E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:11.0.0:beta0:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE8836CC-F620-4C83-A398-D2068FECB5E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:11.0.0:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B056B81-3764-49FB-A3C3-EA9B3FB763D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:11.0.0:beta2:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8D7AA38-6CE2-4DEC-85BE-6329F37800FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:11.0.0:beta3:*:*:*:*:*:*\", \"matchCriteriaId\": \"17001FC8-E8BF-4FB3-B619-598AEBEB3351\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:11.0.0:beta4:*:*:*:*:*:*\", \"matchCriteriaId\": \"C662DF3F-FB51-4B87-9133-528B921599E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:electronjs:electron:11.0.0:beta5:*:*:*:*:*:*\", \"matchCriteriaId\": \"F91CE004-5775-4A85-AE15-79928DC4F8F7\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions.\"}, {\"lang\": \"es\", \"value\": \"Electron anteriores a las versiones 11.0.0-beta.6, 10.1.2, 9.3.1 o 8.5.2, es vulnerable a una omisi\\u00f3n de aislamiento de contexto.\u0026#xa0;Las aplicaciones que usan tanto \\\"contextIsolation\\\" como \\\"sandbox: true\\\" est\\u00e1n afectadas.\u0026#xa0;Las aplicaciones que usan \\\"contextIsolation\\\" y \\\"nodeIntegrationInSubFrames: true\\\" est\\u00e1n afectadas.\u0026#xa0;Esta es una omisi\\u00f3n de aislamiento de contexto, lo que significa que el c\\u00f3digo que se ejecuta en el contexto main world en el renderizador puede llegar al contexto de Electron aislado y realizar acciones privilegiadas\"}]",
      "id": "CVE-2020-15215",
      "lastModified": "2024-11-21T05:05:06.480",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\", \"baseScore\": 5.6, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 3.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\", \"baseScore\": 5.6, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 3.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-10-06T18:15:14.797",
      "references": "[{\"url\": \"https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-668\"}, {\"lang\": \"en\", \"value\": \"CWE-693\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-15215\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2020-10-06T18:15:14.797\",\"lastModified\":\"2024-11-21T05:05:06.480\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions.\"},{\"lang\":\"es\",\"value\":\"Electron anteriores a las versiones 11.0.0-beta.6, 10.1.2, 9.3.1 o 8.5.2, es vulnerable a una omisi\u00f3n de aislamiento de contexto.\u0026#xa0;Las aplicaciones que usan tanto \\\"contextIsolation\\\" como \\\"sandbox: true\\\" est\u00e1n afectadas.\u0026#xa0;Las aplicaciones que usan \\\"contextIsolation\\\" y \\\"nodeIntegrationInSubFrames: true\\\" est\u00e1n afectadas.\u0026#xa0;Esta es una omisi\u00f3n de aislamiento de contexto, lo que significa que el c\u00f3digo que se ejecuta en el contexto main world en el renderizador puede llegar al contexto de Electron aislado y realizar acciones privilegiadas\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.2,\"impactScore\":3.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.2,\"impactScore\":3.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-668\"},{\"lang\":\"en\",\"value\":\"CWE-693\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F890386-0034-4831-88D2-FDAFCD7F0E86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta0:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAE00E66-4F55-4A96-9AF6-DF0212A57052\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B080C8F3-3715-4FB1-AFB0-D43D498AC010\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF0D930E-1018-46EB-8002-C73A97EF902D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED9C844C-14ED-4371-BE21-16EC7F7824E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF26C943-D81E-45EA-902D-62C9973AC8A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"907D7F4B-BFA1-43D7-87A7-771D8CAA5637\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8B505B2-E756-4621-80F8-D59B0AB567BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF99DB03-5FC2-4FD9-9C18-F18F03FC7A74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"21851053-E851-4B7D-924F-602077DFE071\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"B48F49CE-4D63-454A-92B0-51655F5473A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"B07BDAF8-F28F-4B1C-B135-BDB0322289D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E19D2FD-F800-4966-A3F8-11FC843089BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"11F9629D-D8EB-418A-BDD4-AF21034CF665\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A97B7D2-5A5A-4C2F-9926-0CFAEA12D33A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.1.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E4FD779-32BF-43E0-99F0-C6B3E084D83D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4010776-46D9-4E73-B2BC-6A736E0D192D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"68C4E052-46E3-4152-B95A-A8C26330AA46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F03D63BE-0BB0-4492-9CED-AB97454257D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"68489F71-36D5-4947-94CF-740D70028948\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"14AC17C6-3780-4779-A95A-1DAAD799FE3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0B61270-F062-4286-BFE4-D90251264B41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"97237970-8734-45F5-A77C-71E9189FEB15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"7482B3C9-3568-4E7F-B4B9-85E1ABD96A1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D4D6ACF-8EB1-4058-9052-055C151D066E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A9B536A-1CDD-414C-8C49-11466C7A131A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"43C61192-2258-466B-B222-225C99983355\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.4.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3D2AA53-DCC7-40F9-9BA6-BC27B73EACC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.4.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"B022C207-380A-4D1F-B710-F97AD68EB62D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.5.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA36A42A-5DFE-4A92-B9E9-E2FAB651439D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.5.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"75B4DDBC-A3B3-4A5A-9D13-177D8E7459CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"87556FB9-4AEC-4C3A-8DF6-4480728C8605\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta0:*:*:*:*:*:*\",\"matchCriteriaId\":\"935D2315-3FF2-4402-8A83-A7362939E7AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB793B7F-1C9D-445D-A849-CB28577CA760\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta10:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C340AA9-8D81-4927-9447-DFCF0DD385AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta11:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8DF366B-644E-4C43-9DF1-37F1ADD36532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta12:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAC64CED-4F36-4667-B909-4265DDEBDA3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta13:*:*:*:*:*:*\",\"matchCriteriaId\":\"17574861-A808-406A-9B0D-403AD99EA160\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta14:*:*:*:*:*:*\",\"matchCriteriaId\":\"79CB734A-05B3-4388-BD8F-ECD3FD699D87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta15:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E0E7E72-B138-4E09-BEE0-219643377314\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta16:*:*:*:*:*:*\",\"matchCriteriaId\":\"B19F82AA-3660-4AC5-920E-7E36534ADF36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta17:*:*:*:*:*:*\",\"matchCriteriaId\":\"29850E51-1EB9-4E9E-9AAC-ACAC12CDCAB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta18:*:*:*:*:*:*\",\"matchCriteriaId\":\"84544C05-24A7-4CDE-B6E1-EC05B6CD9836\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta19:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8AF3443-F01C-407F-BEE2-A8E601A09211\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F962D5DC-C4EE-42C0-9BA8-C17B5ADAE178\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta20:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB7A193D-7B1F-45F0-B385-DE8C75D7088D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BFFB27D-B11F-4F5B-8624-27042F8A664A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF67CE0D-79D8-4CCC-8152-6989D681B618\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"965FE481-DC51-4123-B47A-4825E7231B33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAC42DF7-3344-4C5C-B01A-B24F7C7FA47A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CA4015A-6D70-490E-AEFD-1C64F582F9DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"72B0EAB3-F11C-42B3-8F4A-3D4B652A2740\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2F409DE-D2A1-49A6-AA57-D735F4B07D29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9F2D5B4-8BE8-4225-ABE7-385E6E796EF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC5FA64D-C502-43B2-AE3A-60900B938441\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"994B6421-EFF6-43E6-AF93-1ED493DD33D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFD0253D-47B6-4412-B1F4-4AD53636C903\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"96EDD4F1-A756-4937-A792-FFA60774F131\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.6:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C0AAB78-7E51-4E68-A64F-3E65346B87F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CF98CC1-9B45-463A-B342-763B2B35FCCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.1.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC3A997F-4F2A-461E-A740-EF740F427034\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.1.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"203B5D41-86AE-4EB1-9623-201CE0259E0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.2.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6BA120D-1953-470A-9022-8C1365FDA033\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.2.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A544F21-ABCA-41A5-9D7A-0D19B2E3E41C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.3.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E3FB9AC-A471-461C-9C2D-3FEA3487A8F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F91413A0-0820-4714-BF94-16FC961CC9F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"325AEE66-5BB3-4317-904C-CAEF33DA34F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta10:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD4B098E-D71A-4770-8A80-75FFCDE5E3A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta11:*:*:*:*:*:*\",\"matchCriteriaId\":\"D31F3B77-B1FA-4AF6-B78B-3591F0C34A7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta12:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A888965-E6AF-4514-83FE-9BFD098A601B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta13:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3C4D65F-592A-4BB6-8C76-2157AB4C2B21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta14:*:*:*:*:*:*\",\"matchCriteriaId\":\"94ECDC48-11AC-45AA-9A4D-E24DB7713799\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta15:*:*:*:*:*:*\",\"matchCriteriaId\":\"806D6913-2852-406A-AF46-E5C7FE62C739\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta16:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EF21A1C-3BDF-40CB-9BAD-9192BBC845C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta17:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E63CACD-F4D7-42C5-97AC-295FEF4DEDCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta18:*:*:*:*:*:*\",\"matchCriteriaId\":\"54D63BBE-11E5-4E25-BFF3-368653FAD8C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta19:*:*:*:*:*:*\",\"matchCriteriaId\":\"24071397-1BE9-42BC-8BE4-AA3E898BE02B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B72266CF-A2BE-4C6A-B7AB-9110C2672758\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta20:*:*:*:*:*:*\",\"matchCriteriaId\":\"747441F0-DD8C-47FD-B13C-6FEAFE79A160\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta21:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEFD1B8C-7777-42C1-BE27-1BC54CF7C65E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta22:*:*:*:*:*:*\",\"matchCriteriaId\":\"70F61C9A-104E-47E3-A46D-198651075460\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta23:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DB5AC65-DCFA-4549-B08B-77AAAAC9248E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta24:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DB704A9-DD31-400E-A4EE-1A32D0D415D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta25:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE4B1A04-EBB1-4C3E-9CE0-5CD487F27303\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"782AD115-2503-4663-9DBC-64DC82C363CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"C75A9CD8-0E3B-44CF-A828-A5DDD6EBD8B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"9655B40F-53E5-4F7D-8D8D-85FCFDC3B1FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"2419A888-4BF2-4548-8ACA-9550B276247E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"353F51BC-7627-48C3-AFBD-E287D7FC9DF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"95FE3E21-1A8A-45D6-B797-903F4D24A460\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"BECA8D37-A00D-4CBA-9195-DAFA9CFE951D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"56DE863F-2D6B-482D-9445-3AA76DCD9B77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1480FDF-4A57-4C08-A497-69010747562D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.1.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"37690A80-D6EC-40FA-ADE2-55B4011FB5E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta0:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE8836CC-F620-4C83-A398-D2068FECB5E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B056B81-3764-49FB-A3C3-EA9B3FB763D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8D7AA38-6CE2-4DEC-85BE-6329F37800FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"17001FC8-E8BF-4FB3-B619-598AEBEB3351\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"C662DF3F-FB51-4B87-9133-528B921599E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"F91CE004-5775-4A85-AE15-79928DC4F8F7\"}]}]}],\"references\":[{\"url\":\"https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.