CVE-2020-15215 (GCVE-0-2020-15215)

Vulnerability from cvelistv5 – Published: 2020-10-06 18:00 – Updated: 2024-08-04 13:08
VLAI?
Title
Context isolation bypass in Electron
Summary
Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions.
Severity ?
5.6 (Medium)
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE
  • CWE-693 - Protection Mechanism Failure
  • CWE-668 - Exposure of Resource to Wrong Sphere
Assigner
References
Impacted products
Vendor Product Version
electron electron Affected: >= 8.0.0-beta.0, < 8.5.2
Affected: >= 9.0.0-beta.0, < 9.3.1
Affected: >= 10.0.0-beta.0, < 10.1.2
Affected: >= 11.0.0-beta.0, < 11.0.0-beta.6
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T13:08:22.830Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "electron",
          "vendor": "electron",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 8.0.0-beta.0, \u003c 8.5.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 9.0.0-beta.0, \u003c 9.3.1"
            },
            {
              "status": "affected",
              "version": "\u003e= 10.0.0-beta.0, \u003c 10.1.2"
            },
            {
              "status": "affected",
              "version": "\u003e= 11.0.0-beta.0, \u003c 11.0.0-beta.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-693",
              "description": "CWE-693 Protection Mechanism Failure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-668",
              "description": "CWE-668 Exposure of Resource to Wrong Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-10-06T18:00:17",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8"
        }
      ],
      "source": {
        "advisory": "GHSA-56pc-6jqp-xqj8",
        "discovery": "UNKNOWN"
      },
      "title": "Context isolation bypass in Electron",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2020-15215",
          "STATE": "PUBLIC",
          "TITLE": "Context isolation bypass in Electron"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "electron",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003e= 8.0.0-beta.0, \u003c 8.5.2"
                          },
                          {
                            "version_value": "\u003e= 9.0.0-beta.0, \u003c 9.3.1"
                          },
                          {
                            "version_value": "\u003e= 10.0.0-beta.0, \u003c 10.1.2"
                          },
                          {
                            "version_value": "\u003e= 11.0.0-beta.0, \u003c 11.0.0-beta.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "electron"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-693 Protection Mechanism Failure"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-668 Exposure of Resource to Wrong Sphere"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8",
              "refsource": "CONFIRM",
              "url": "https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-56pc-6jqp-xqj8",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2020-15215",
    "datePublished": "2020-10-06T18:00:17",
    "dateReserved": "2020-06-25T00:00:00",
    "dateUpdated": "2024-08-04T13:08:22.830Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-15215\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2020-10-06T18:15:14.797\",\"lastModified\":\"2024-11-21T05:05:06.480\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions.\"},{\"lang\":\"es\",\"value\":\"Electron anteriores a las versiones 11.0.0-beta.6, 10.1.2, 9.3.1 o 8.5.2, es vulnerable a una omisi\u00f3n de aislamiento de contexto.\u0026#xa0;Las aplicaciones que usan tanto \\\"contextIsolation\\\" como \\\"sandbox: true\\\" est\u00e1n afectadas.\u0026#xa0;Las aplicaciones que usan \\\"contextIsolation\\\" y \\\"nodeIntegrationInSubFrames: true\\\" est\u00e1n afectadas.\u0026#xa0;Esta es una omisi\u00f3n de aislamiento de contexto, lo que significa que el c\u00f3digo que se ejecuta en el contexto main world en el renderizador puede llegar al contexto de Electron aislado y realizar acciones privilegiadas\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.2,\"impactScore\":3.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.2,\"impactScore\":3.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-668\"},{\"lang\":\"en\",\"value\":\"CWE-693\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F890386-0034-4831-88D2-FDAFCD7F0E86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta0:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAE00E66-4F55-4A96-9AF6-DF0212A57052\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B080C8F3-3715-4FB1-AFB0-D43D498AC010\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF0D930E-1018-46EB-8002-C73A97EF902D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED9C844C-14ED-4371-BE21-16EC7F7824E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF26C943-D81E-45EA-902D-62C9973AC8A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"907D7F4B-BFA1-43D7-87A7-771D8CAA5637\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8B505B2-E756-4621-80F8-D59B0AB567BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF99DB03-5FC2-4FD9-9C18-F18F03FC7A74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"21851053-E851-4B7D-924F-602077DFE071\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"B48F49CE-4D63-454A-92B0-51655F5473A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"B07BDAF8-F28F-4B1C-B135-BDB0322289D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E19D2FD-F800-4966-A3F8-11FC843089BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.0.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"11F9629D-D8EB-418A-BDD4-AF21034CF665\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A97B7D2-5A5A-4C2F-9926-0CFAEA12D33A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.1.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E4FD779-32BF-43E0-99F0-C6B3E084D83D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4010776-46D9-4E73-B2BC-6A736E0D192D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"68C4E052-46E3-4152-B95A-A8C26330AA46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F03D63BE-0BB0-4492-9CED-AB97454257D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"68489F71-36D5-4947-94CF-740D70028948\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"14AC17C6-3780-4779-A95A-1DAAD799FE3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.2.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0B61270-F062-4286-BFE4-D90251264B41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"97237970-8734-45F5-A77C-71E9189FEB15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"7482B3C9-3568-4E7F-B4B9-85E1ABD96A1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D4D6ACF-8EB1-4058-9052-055C151D066E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A9B536A-1CDD-414C-8C49-11466C7A131A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.3.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"43C61192-2258-466B-B222-225C99983355\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.4.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3D2AA53-DCC7-40F9-9BA6-BC27B73EACC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.4.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"B022C207-380A-4D1F-B710-F97AD68EB62D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.5.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA36A42A-5DFE-4A92-B9E9-E2FAB651439D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:8.5.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"75B4DDBC-A3B3-4A5A-9D13-177D8E7459CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"87556FB9-4AEC-4C3A-8DF6-4480728C8605\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta0:*:*:*:*:*:*\",\"matchCriteriaId\":\"935D2315-3FF2-4402-8A83-A7362939E7AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB793B7F-1C9D-445D-A849-CB28577CA760\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta10:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C340AA9-8D81-4927-9447-DFCF0DD385AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta11:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8DF366B-644E-4C43-9DF1-37F1ADD36532\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta12:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAC64CED-4F36-4667-B909-4265DDEBDA3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta13:*:*:*:*:*:*\",\"matchCriteriaId\":\"17574861-A808-406A-9B0D-403AD99EA160\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta14:*:*:*:*:*:*\",\"matchCriteriaId\":\"79CB734A-05B3-4388-BD8F-ECD3FD699D87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta15:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E0E7E72-B138-4E09-BEE0-219643377314\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta16:*:*:*:*:*:*\",\"matchCriteriaId\":\"B19F82AA-3660-4AC5-920E-7E36534ADF36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta17:*:*:*:*:*:*\",\"matchCriteriaId\":\"29850E51-1EB9-4E9E-9AAC-ACAC12CDCAB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta18:*:*:*:*:*:*\",\"matchCriteriaId\":\"84544C05-24A7-4CDE-B6E1-EC05B6CD9836\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta19:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8AF3443-F01C-407F-BEE2-A8E601A09211\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F962D5DC-C4EE-42C0-9BA8-C17B5ADAE178\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta20:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB7A193D-7B1F-45F0-B385-DE8C75D7088D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BFFB27D-B11F-4F5B-8624-27042F8A664A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF67CE0D-79D8-4CCC-8152-6989D681B618\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"965FE481-DC51-4123-B47A-4825E7231B33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAC42DF7-3344-4C5C-B01A-B24F7C7FA47A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CA4015A-6D70-490E-AEFD-1C64F582F9DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"72B0EAB3-F11C-42B3-8F4A-3D4B652A2740\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2F409DE-D2A1-49A6-AA57-D735F4B07D29\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9F2D5B4-8BE8-4225-ABE7-385E6E796EF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC5FA64D-C502-43B2-AE3A-60900B938441\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"994B6421-EFF6-43E6-AF93-1ED493DD33D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFD0253D-47B6-4412-B1F4-4AD53636C903\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"96EDD4F1-A756-4937-A792-FFA60774F131\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.0.6:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C0AAB78-7E51-4E68-A64F-3E65346B87F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CF98CC1-9B45-463A-B342-763B2B35FCCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.1.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC3A997F-4F2A-461E-A740-EF740F427034\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.1.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"203B5D41-86AE-4EB1-9623-201CE0259E0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.2.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6BA120D-1953-470A-9022-8C1365FDA033\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.2.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A544F21-ABCA-41A5-9D7A-0D19B2E3E41C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:9.3.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E3FB9AC-A471-461C-9C2D-3FEA3487A8F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F91413A0-0820-4714-BF94-16FC961CC9F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"325AEE66-5BB3-4317-904C-CAEF33DA34F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta10:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD4B098E-D71A-4770-8A80-75FFCDE5E3A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta11:*:*:*:*:*:*\",\"matchCriteriaId\":\"D31F3B77-B1FA-4AF6-B78B-3591F0C34A7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta12:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A888965-E6AF-4514-83FE-9BFD098A601B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta13:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3C4D65F-592A-4BB6-8C76-2157AB4C2B21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta14:*:*:*:*:*:*\",\"matchCriteriaId\":\"94ECDC48-11AC-45AA-9A4D-E24DB7713799\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta15:*:*:*:*:*:*\",\"matchCriteriaId\":\"806D6913-2852-406A-AF46-E5C7FE62C739\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta16:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EF21A1C-3BDF-40CB-9BAD-9192BBC845C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta17:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E63CACD-F4D7-42C5-97AC-295FEF4DEDCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta18:*:*:*:*:*:*\",\"matchCriteriaId\":\"54D63BBE-11E5-4E25-BFF3-368653FAD8C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta19:*:*:*:*:*:*\",\"matchCriteriaId\":\"24071397-1BE9-42BC-8BE4-AA3E898BE02B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B72266CF-A2BE-4C6A-B7AB-9110C2672758\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta20:*:*:*:*:*:*\",\"matchCriteriaId\":\"747441F0-DD8C-47FD-B13C-6FEAFE79A160\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta21:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEFD1B8C-7777-42C1-BE27-1BC54CF7C65E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta22:*:*:*:*:*:*\",\"matchCriteriaId\":\"70F61C9A-104E-47E3-A46D-198651075460\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta23:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DB5AC65-DCFA-4549-B08B-77AAAAC9248E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta24:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DB704A9-DD31-400E-A4EE-1A32D0D415D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta25:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE4B1A04-EBB1-4C3E-9CE0-5CD487F27303\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"782AD115-2503-4663-9DBC-64DC82C363CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"C75A9CD8-0E3B-44CF-A828-A5DDD6EBD8B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"9655B40F-53E5-4F7D-8D8D-85FCFDC3B1FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta6:*:*:*:*:*:*\",\"matchCriteriaId\":\"2419A888-4BF2-4548-8ACA-9550B276247E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta7:*:*:*:*:*:*\",\"matchCriteriaId\":\"353F51BC-7627-48C3-AFBD-E287D7FC9DF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta8:*:*:*:*:*:*\",\"matchCriteriaId\":\"95FE3E21-1A8A-45D6-B797-903F4D24A460\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.0:beta9:*:*:*:*:*:*\",\"matchCriteriaId\":\"BECA8D37-A00D-4CBA-9195-DAFA9CFE951D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"56DE863F-2D6B-482D-9445-3AA76DCD9B77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.1.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1480FDF-4A57-4C08-A497-69010747562D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:10.1.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"37690A80-D6EC-40FA-ADE2-55B4011FB5E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta0:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE8836CC-F620-4C83-A398-D2068FECB5E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B056B81-3764-49FB-A3C3-EA9B3FB763D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8D7AA38-6CE2-4DEC-85BE-6329F37800FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"17001FC8-E8BF-4FB3-B619-598AEBEB3351\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"C662DF3F-FB51-4B87-9133-528B921599E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:electronjs:electron:11.0.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"F91CE004-5775-4A85-AE15-79928DC4F8F7\"}]}]}],\"references\":[{\"url\":\"https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.