CVE-2020-15215 (GCVE-0-2020-15215)
Vulnerability from cvelistv5
Published
2020-10-06 18:00
Modified
2024-08-04 13:08
Severity ?
5.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE
  • CWE-693 - Protection Mechanism Failure
  • CWE-668 - Exposure of Resource to Wrong Sphere
Summary
Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions.
References
Impacted products
Vendor Product Version
electron electron Version: >= 8.0.0-beta.0, < 8.5.2
Version: >= 9.0.0-beta.0, < 9.3.1
Version: >= 10.0.0-beta.0, < 10.1.2
Version: >= 11.0.0-beta.0, < 11.0.0-beta.6
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:08:22.830Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "electron",
          "vendor": "electron",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 8.0.0-beta.0, \u003c 8.5.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 9.0.0-beta.0, \u003c 9.3.1"
            },
            {
              "status": "affected",
              "version": "\u003e= 10.0.0-beta.0, \u003c 10.1.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 11.0.0-beta.0, \u003c 11.0.0-beta.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693 Protection Mechanism Failure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-668",
              "description": "CWE-668 Exposure of Resource to Wrong Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-06T18:00:17",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8"
        }
      ],
      "source": {
        "advisory": "GHSA-56pc-6jqp-xqj8",
        "discovery": "UNKNOWN"
      },
      "title": "Context isolation bypass in Electron",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2020-15215",
          "STATE": "PUBLIC",
          "TITLE": "Context isolation bypass in Electron"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "electron",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003e= 8.0.0-beta.0, \u003c 8.5.2"
                          },
                          {
                            "version_value": "\u003e= 9.0.0-beta.0, \u003c 9.3.1"
                          },
                          {
                            "version_value": "\u003e= 10.0.0-beta.0, \u003c 10.1.2"
                          },
                          {
                            "version_value": "\u003e= 11.0.0-beta.0, \u003c 11.0.0-beta.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "electron"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-693 Protection Mechanism Failure"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-668 Exposure of Resource to Wrong Sphere"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8",
              "refsource": "CONFIRM",
              "url": "https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-56pc-6jqp-xqj8",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2020-15215",
    "datePublished": "2020-10-06T18:00:17",
    "dateReserved": "2020-06-25T00:00:00",
    "dateUpdated": "2024-08-04T13:08:22.830Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-15215\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2020-10-06T18:15:14.797\",\"lastModified\":\"2024-11-21T05:05:06.480\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions.\"},{\"lang\":\"es\",\"value\":\"Electron anteriores a las versiones 11.0.0-beta.6, 10.1.2, 9.3.1 o 8.5.2, es vulnerable a una omisi\u00f3n de aislamiento de contexto.\u0026#xa0;Las aplicaciones que usan tanto \\\"contextIsolation\\\" como \\\"sandbox: true\\\" est\u00e1n afectadas.\u0026#xa0;Las aplicaciones que usan \\\"contextIsolation\\\" y \\\"nodeIntegrationInSubFrames: true\\\" est\u00e1n afectadas.\u0026#xa0;Esta es una omisi\u00f3n de aislamiento de contexto, lo que significa que el c\u00f3digo que se ejecuta en el contexto main world en el renderizador puede llegar al contexto de Electron aislado y realizar acciones privilegiadas\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.2,\"impactScore\":3.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.2,\"impactScore\":3.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-668\"},{\"lang\":\"en\",\"value\":\"CWE-693\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F890386-0034-4831-88D2-FDAFCD7F0E86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta0:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAE00E66-4F55-4A96-9AF6-DF0212A57052\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B080C8F3-3715-4FB1-AFB0-D43D498AC010\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF0D930E-1018-46EB-8002-C73A97EF902D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED9C844C-14ED-4371-BE21-16EC7F7824E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF26C943-D81E-45EA-902D-62C9973AC8A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"907D7F4B-BFA1-43D7-87A7-771D8CAA5637\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8B505B2-E756-4621-80F8-D59B0AB567BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF99DB03-5FC2-4FD9-9C18-F18F03FC7A74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"21851053-E851-4B7D-924F-602077DFE071\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"B48F49CE-4D63-454A-92B0-51655F5473A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"B07BDAF8-F28F-4B1C-B135-BDB0322289D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E19D2FD-F800-4966-A3F8-11FC843089BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"11F9629D-D8EB-418A-BDD4-AF21034CF665\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A97B7D2-5A5A-4C2F-9926-0CFAEA12D33A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.1.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E4FD779-32BF-43E0-99F0-C6B3E084D83D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4010776-46D9-4E73-B2BC-6A736E0D192D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"68C4E052-46E3-4152-B95A-A8C26330AA46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F03D63BE-0BB0-4492-9CED-AB97454257D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"68489F71-36D5-4947-94CF-740D70028948\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"14AC17C6-3780-4779-A95A-1DAAD799FE3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0B61270-F062-4286-BFE4-D90251264B41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"97237970-8734-45F5-A77C-71E9189FEB15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"7482B3C9-3568-4E7F-B4B9-85E1ABD96A1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D4D6ACF-8EB1-4058-9052-055C151D066E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A9B536A-1CDD-414C-8C49-11466C7A131A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"43C61192-2258-466B-B222-225C99983355\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.4.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3D2AA53-DCC7-40F9-9BA6-BC27B73EACC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.4.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"B022C207-380A-4D1F-B710-F97AD68EB62D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.5.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA36A42A-5DFE-4A92-B9E9-E2FAB651439D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.5.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"75B4DDBC-A3B3-4A5A-9D13-177D8E7459CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"87556FB9-4AEC-4C3A-8DF6-4480728C8605\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta0:*:*:*:*:*:*\",\"matchCriteriaId\":\"935D2315-3FF2-4402-8A83-A7362939E7AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB793B7F-1C9D-445D-A849-CB28577CA760\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta10:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C340AA9-8D81-4927-9447-DFCF0DD385AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta11:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8DF366B-644E-4C43-9DF1-37F1ADD36532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta12:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAC64CED-4F36-4667-B909-4265DDEBDA3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta13:*:*:*:*:*:*\",\"matchCriteriaId\":\"17574861-A808-406A-9B0D-403AD99EA160\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta14:*:*:*:*:*:*\",\"matchCriteriaId\":\"79CB734A-05B3-4388-BD8F-ECD3FD699D87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta15:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E0E7E72-B138-4E09-BEE0-219643377314\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta16:*:*:*:*:*:*\",\"matchCriteriaId\":\"B19F82AA-3660-4AC5-920E-7E36534ADF36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta17:*:*:*:*:*:*\",\"matchCriteriaId\":\"29850E51-1EB9-4E9E-9AAC-ACAC12CDCAB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta18:*:*:*:*:*:*\",\"matchCriteriaId\":\"84544C05-24A7-4CDE-B6E1-EC05B6CD9836\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta19:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8AF3443-F01C-407F-BEE2-A8E601A09211\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F962D5DC-C4EE-42C0-9BA8-C17B5ADAE178\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta20:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB7A193D-7B1F-45F0-B385-DE8C75D7088D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BFFB27D-B11F-4F5B-8624-27042F8A664A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF67CE0D-79D8-4CCC-8152-6989D681B618\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"965FE481-DC51-4123-B47A-4825E7231B33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAC42DF7-3344-4C5C-B01A-B24F7C7FA47A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CA4015A-6D70-490E-AEFD-1C64F582F9DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"72B0EAB3-F11C-42B3-8F4A-3D4B652A2740\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2F409DE-D2A1-49A6-AA57-D735F4B07D29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9F2D5B4-8BE8-4225-ABE7-385E6E796EF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC5FA64D-C502-43B2-AE3A-60900B938441\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"994B6421-EFF6-43E6-AF93-1ED493DD33D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFD0253D-47B6-4412-B1F4-4AD53636C903\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"96EDD4F1-A756-4937-A792-FFA60774F131\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.6:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C0AAB78-7E51-4E68-A64F-3E65346B87F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CF98CC1-9B45-463A-B342-763B2B35FCCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.1.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC3A997F-4F2A-461E-A740-EF740F427034\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.1.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"203B5D41-86AE-4EB1-9623-201CE0259E0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.2.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6BA120D-1953-470A-9022-8C1365FDA033\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.2.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A544F21-ABCA-41A5-9D7A-0D19B2E3E41C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.3.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E3FB9AC-A471-461C-9C2D-3FEA3487A8F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F91413A0-0820-4714-BF94-16FC961CC9F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"325AEE66-5BB3-4317-904C-CAEF33DA34F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta10:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD4B098E-D71A-4770-8A80-75FFCDE5E3A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta11:*:*:*:*:*:*\",\"matchCriteriaId\":\"D31F3B77-B1FA-4AF6-B78B-3591F0C34A7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta12:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A888965-E6AF-4514-83FE-9BFD098A601B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta13:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3C4D65F-592A-4BB6-8C76-2157AB4C2B21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta14:*:*:*:*:*:*\",\"matchCriteriaId\":\"94ECDC48-11AC-45AA-9A4D-E24DB7713799\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta15:*:*:*:*:*:*\",\"matchCriteriaId\":\"806D6913-2852-406A-AF46-E5C7FE62C739\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta16:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EF21A1C-3BDF-40CB-9BAD-9192BBC845C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta17:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E63CACD-F4D7-42C5-97AC-295FEF4DEDCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta18:*:*:*:*:*:*\",\"matchCriteriaId\":\"54D63BBE-11E5-4E25-BFF3-368653FAD8C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta19:*:*:*:*:*:*\",\"matchCriteriaId\":\"24071397-1BE9-42BC-8BE4-AA3E898BE02B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B72266CF-A2BE-4C6A-B7AB-9110C2672758\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta20:*:*:*:*:*:*\",\"matchCriteriaId\":\"747441F0-DD8C-47FD-B13C-6FEAFE79A160\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta21:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEFD1B8C-7777-42C1-BE27-1BC54CF7C65E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta22:*:*:*:*:*:*\",\"matchCriteriaId\":\"70F61C9A-104E-47E3-A46D-198651075460\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta23:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DB5AC65-DCFA-4549-B08B-77AAAAC9248E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta24:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DB704A9-DD31-400E-A4EE-1A32D0D415D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta25:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE4B1A04-EBB1-4C3E-9CE0-5CD487F27303\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"782AD115-2503-4663-9DBC-64DC82C363CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"C75A9CD8-0E3B-44CF-A828-A5DDD6EBD8B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"9655B40F-53E5-4F7D-8D8D-85FCFDC3B1FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"2419A888-4BF2-4548-8ACA-9550B276247E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"353F51BC-7627-48C3-AFBD-E287D7FC9DF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"95FE3E21-1A8A-45D6-B797-903F4D24A460\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"BECA8D37-A00D-4CBA-9195-DAFA9CFE951D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"56DE863F-2D6B-482D-9445-3AA76DCD9B77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1480FDF-4A57-4C08-A497-69010747562D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.1.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"37690A80-D6EC-40FA-ADE2-55B4011FB5E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta0:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE8836CC-F620-4C83-A398-D2068FECB5E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B056B81-3764-49FB-A3C3-EA9B3FB763D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8D7AA38-6CE2-4DEC-85BE-6329F37800FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"17001FC8-E8BF-4FB3-B619-598AEBEB3351\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"C662DF3F-FB51-4B87-9133-528B921599E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"F91CE004-5775-4A85-AE15-79928DC4F8F7\"}]}]}],\"references\":[{\"url\":\"https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.