cve-2020-15215
Vulnerability from cvelistv5
Published
2020-10-06 18:00
Modified
2024-08-04 13:08
Severity ?
EPSS score ?
Summary
Context isolation bypass in Electron
References
▼ | URL | Tags | |
---|---|---|---|
security-advisories@github.com | https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8 | Third Party Advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T13:08:22.830Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "electron", "vendor": "electron", "versions": [ { "status": "affected", "version": "\u003e= 8.0.0-beta.0, \u003c 8.5.2" }, { "status": "affected", "version": "\u003e= 9.0.0-beta.0, \u003c 9.3.1" }, { "status": "affected", "version": "\u003e= 10.0.0-beta.0, \u003c 10.1.2" }, { "status": "affected", "version": "\u003e= 11.0.0-beta.0, \u003c 11.0.0-beta.6" } ] } ], "descriptions": [ { "lang": "en", "value": "Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-693", "description": "CWE-693 Protection Mechanism Failure", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-668", "description": "CWE-668 Exposure of Resource to Wrong Sphere", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-10-06T18:00:17", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8" } ], "source": { "advisory": "GHSA-56pc-6jqp-xqj8", "discovery": "UNKNOWN" }, "title": "Context isolation bypass in Electron", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2020-15215", "STATE": "PUBLIC", "TITLE": "Context isolation bypass in Electron" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "electron", "version": { "version_data": [ { "version_value": "\u003e= 8.0.0-beta.0, \u003c 8.5.2" }, { "version_value": "\u003e= 9.0.0-beta.0, \u003c 9.3.1" }, { "version_value": "\u003e= 10.0.0-beta.0, \u003c 10.1.2" }, { "version_value": "\u003e= 11.0.0-beta.0, \u003c 11.0.0-beta.6" } ] } } ] }, "vendor_name": "electron" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions." } ] }, "impact": { "cvss": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-693 Protection Mechanism Failure" } ] }, { "description": [ { "lang": "eng", "value": "CWE-668 Exposure of Resource to Wrong Sphere" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8", "refsource": "CONFIRM", "url": "https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8" } ] }, "source": { "advisory": "GHSA-56pc-6jqp-xqj8", "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2020-15215", "datePublished": "2020-10-06T18:00:17", "dateReserved": "2020-06-25T00:00:00", "dateUpdated": "2024-08-04T13:08:22.830Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2020-15215\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2020-10-06T18:15:14.797\",\"lastModified\":\"2020-10-19T14:09:56.547\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions.\"},{\"lang\":\"es\",\"value\":\"Electron anteriores a las versiones 11.0.0-beta.6, 10.1.2, 9.3.1 o 8.5.2, es vulnerable a una omisi\u00f3n de aislamiento de contexto.\u0026#xa0;Las aplicaciones que usan tanto \\\"contextIsolation\\\" como \\\"sandbox: true\\\" est\u00e1n afectadas.\u0026#xa0;Las aplicaciones que usan \\\"contextIsolation\\\" y \\\"nodeIntegrationInSubFrames: true\\\" est\u00e1n afectadas.\u0026#xa0;Esta es una omisi\u00f3n de aislamiento de contexto, lo que significa que el c\u00f3digo que se ejecuta en el contexto main world en el renderizador puede llegar al contexto de Electron aislado y realizar acciones privilegiadas\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.2,\"impactScore\":3.4},{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.2,\"impactScore\":3.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":6.8},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-668\"},{\"lang\":\"en\",\"value\":\"CWE-693\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F890386-0034-4831-88D2-FDAFCD7F0E86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta0:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAE00E66-4F55-4A96-9AF6-DF0212A57052\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B080C8F3-3715-4FB1-AFB0-D43D498AC010\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF0D930E-1018-46EB-8002-C73A97EF902D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED9C844C-14ED-4371-BE21-16EC7F7824E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF26C943-D81E-45EA-902D-62C9973AC8A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"907D7F4B-BFA1-43D7-87A7-771D8CAA5637\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8B505B2-E756-4621-80F8-D59B0AB567BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF99DB03-5FC2-4FD9-9C18-F18F03FC7A74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"21851053-E851-4B7D-924F-602077DFE071\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"B48F49CE-4D63-454A-92B0-51655F5473A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"B07BDAF8-F28F-4B1C-B135-BDB0322289D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E19D2FD-F800-4966-A3F8-11FC843089BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"11F9629D-D8EB-418A-BDD4-AF21034CF665\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A97B7D2-5A5A-4C2F-9926-0CFAEA12D33A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.1.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E4FD779-32BF-43E0-99F0-C6B3E084D83D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4010776-46D9-4E73-B2BC-6A736E0D192D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"68C4E052-46E3-4152-B95A-A8C26330AA46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F03D63BE-0BB0-4492-9CED-AB97454257D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"68489F71-36D5-4947-94CF-740D70028948\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"14AC17C6-3780-4779-A95A-1DAAD799FE3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0B61270-F062-4286-BFE4-D90251264B41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"97237970-8734-45F5-A77C-71E9189FEB15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"7482B3C9-3568-4E7F-B4B9-85E1ABD96A1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D4D6ACF-8EB1-4058-9052-055C151D066E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A9B536A-1CDD-414C-8C49-11466C7A131A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"43C61192-2258-466B-B222-225C99983355\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.4.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3D2AA53-DCC7-40F9-9BA6-BC27B73EACC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.4.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"B022C207-380A-4D1F-B710-F97AD68EB62D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.5.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA36A42A-5DFE-4A92-B9E9-E2FAB651439D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.5.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"75B4DDBC-A3B3-4A5A-9D13-177D8E7459CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"87556FB9-4AEC-4C3A-8DF6-4480728C8605\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta0:*:*:*:*:*:*\",\"matchCriteriaId\":\"935D2315-3FF2-4402-8A83-A7362939E7AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB793B7F-1C9D-445D-A849-CB28577CA760\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta10:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C340AA9-8D81-4927-9447-DFCF0DD385AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta11:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8DF366B-644E-4C43-9DF1-37F1ADD36532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta12:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAC64CED-4F36-4667-B909-4265DDEBDA3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta13:*:*:*:*:*:*\",\"matchCriteriaId\":\"17574861-A808-406A-9B0D-403AD99EA160\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta14:*:*:*:*:*:*\",\"matchCriteriaId\":\"79CB734A-05B3-4388-BD8F-ECD3FD699D87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta15:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E0E7E72-B138-4E09-BEE0-219643377314\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta16:*:*:*:*:*:*\",\"matchCriteriaId\":\"B19F82AA-3660-4AC5-920E-7E36534ADF36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta17:*:*:*:*:*:*\",\"matchCriteriaId\":\"29850E51-1EB9-4E9E-9AAC-ACAC12CDCAB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta18:*:*:*:*:*:*\",\"matchCriteriaId\":\"84544C05-24A7-4CDE-B6E1-EC05B6CD9836\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta19:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8AF3443-F01C-407F-BEE2-A8E601A09211\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F962D5DC-C4EE-42C0-9BA8-C17B5ADAE178\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta20:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB7A193D-7B1F-45F0-B385-DE8C75D7088D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BFFB27D-B11F-4F5B-8624-27042F8A664A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF67CE0D-79D8-4CCC-8152-6989D681B618\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"965FE481-DC51-4123-B47A-4825E7231B33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAC42DF7-3344-4C5C-B01A-B24F7C7FA47A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CA4015A-6D70-490E-AEFD-1C64F582F9DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"72B0EAB3-F11C-42B3-8F4A-3D4B652A2740\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2F409DE-D2A1-49A6-AA57-D735F4B07D29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9F2D5B4-8BE8-4225-ABE7-385E6E796EF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC5FA64D-C502-43B2-AE3A-60900B938441\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"994B6421-EFF6-43E6-AF93-1ED493DD33D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFD0253D-47B6-4412-B1F4-4AD53636C903\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"96EDD4F1-A756-4937-A792-FFA60774F131\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.6:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C0AAB78-7E51-4E68-A64F-3E65346B87F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CF98CC1-9B45-463A-B342-763B2B35FCCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.1.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC3A997F-4F2A-461E-A740-EF740F427034\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.1.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"203B5D41-86AE-4EB1-9623-201CE0259E0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.2.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6BA120D-1953-470A-9022-8C1365FDA033\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.2.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A544F21-ABCA-41A5-9D7A-0D19B2E3E41C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.3.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E3FB9AC-A471-461C-9C2D-3FEA3487A8F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F91413A0-0820-4714-BF94-16FC961CC9F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"325AEE66-5BB3-4317-904C-CAEF33DA34F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta10:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD4B098E-D71A-4770-8A80-75FFCDE5E3A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta11:*:*:*:*:*:*\",\"matchCriteriaId\":\"D31F3B77-B1FA-4AF6-B78B-3591F0C34A7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta12:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A888965-E6AF-4514-83FE-9BFD098A601B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta13:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3C4D65F-592A-4BB6-8C76-2157AB4C2B21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta14:*:*:*:*:*:*\",\"matchCriteriaId\":\"94ECDC48-11AC-45AA-9A4D-E24DB7713799\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta15:*:*:*:*:*:*\",\"matchCriteriaId\":\"806D6913-2852-406A-AF46-E5C7FE62C739\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta16:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EF21A1C-3BDF-40CB-9BAD-9192BBC845C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta17:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E63CACD-F4D7-42C5-97AC-295FEF4DEDCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta18:*:*:*:*:*:*\",\"matchCriteriaId\":\"54D63BBE-11E5-4E25-BFF3-368653FAD8C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta19:*:*:*:*:*:*\",\"matchCriteriaId\":\"24071397-1BE9-42BC-8BE4-AA3E898BE02B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B72266CF-A2BE-4C6A-B7AB-9110C2672758\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta20:*:*:*:*:*:*\",\"matchCriteriaId\":\"747441F0-DD8C-47FD-B13C-6FEAFE79A160\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta21:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEFD1B8C-7777-42C1-BE27-1BC54CF7C65E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta22:*:*:*:*:*:*\",\"matchCriteriaId\":\"70F61C9A-104E-47E3-A46D-198651075460\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta23:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DB5AC65-DCFA-4549-B08B-77AAAAC9248E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta24:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DB704A9-DD31-400E-A4EE-1A32D0D415D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta25:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE4B1A04-EBB1-4C3E-9CE0-5CD487F27303\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"782AD115-2503-4663-9DBC-64DC82C363CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"C75A9CD8-0E3B-44CF-A828-A5DDD6EBD8B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"9655B40F-53E5-4F7D-8D8D-85FCFDC3B1FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"2419A888-4BF2-4548-8ACA-9550B276247E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"353F51BC-7627-48C3-AFBD-E287D7FC9DF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"95FE3E21-1A8A-45D6-B797-903F4D24A460\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"BECA8D37-A00D-4CBA-9195-DAFA9CFE951D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"56DE863F-2D6B-482D-9445-3AA76DCD9B77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1480FDF-4A57-4C08-A497-69010747562D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.1.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"37690A80-D6EC-40FA-ADE2-55B4011FB5E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta0:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE8836CC-F620-4C83-A398-D2068FECB5E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B056B81-3764-49FB-A3C3-EA9B3FB763D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8D7AA38-6CE2-4DEC-85BE-6329F37800FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"17001FC8-E8BF-4FB3-B619-598AEBEB3351\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"C662DF3F-FB51-4B87-9133-528B921599E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"F91CE004-5775-4A85-AE15-79928DC4F8F7\"}]}]}],\"references\":[{\"url\":\"https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.