CVSS: 9.8EPSS: 0%CPEs: 26EXPL: 0CVE-2022-29247 – Exposure of Resource to Wrong Sphere in Electron
https://notcve.org/view.php?id=CVE-2022-29247
Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows a renderer with JS execution to obtain access to a new renderer process with `nodeIntegrationInSubFrames` enabled which in turn allows effective access to `ipcRenderer`. The `nodeIntegrationInSubFrames` option does not implicitly grant Node.js access. Rather, it depends on the existing sandbox setting. If an application is sandboxed, then `nodeIntegrationInSubFrames` just gives access to the sandboxed renderer APIs, which include `ipcRenderer`. • https://github.com/electron/electron/security/advisories/GHSA-mq8j-3h7h-p8g7 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0CVE-2022-21718 – Renderers can obtain access to random bluetooth device without permission in Electron
https://notcve.org/view.php?id=CVE-2022-21718
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` allows renderers to obtain access to a bluetooth device via the web bluetooth API if the app has not configured a custom `select-bluetooth-device` event handler. This has been patched and Electron versions `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` contain the fix. Code from the GitHub Security Advisory can be added to the app to work around the issue. Electron es un marco de trabajo para escribir aplicaciones de escritorio multiplataforma usando JavaScript, HTML y CSS. • https://github.com/electron/electron/pull/32178 https://github.com/electron/electron/pull/32240 https://github.com/electron/electron/security/advisories/GHSA-3p22-ghq8-v749 • CWE-668: Exposure of Resource to Wrong Sphere CWE-862: Missing Authorization •
CVSS: 6.8EPSS: 0%CPEs: 24EXPL: 0CVE-2020-15096 – Context isolation bypass via Promise in Electron
https://notcve.org/view.php?id=CVE-2020-15096
In Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Apps using "contextIsolation" are affected. There are no app-side workarounds, you must update your Electron version to be protected. This is fixed in versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21. En Electron antes de las versiones 6.1.1, 7.2.4, 8.2.4 y 9.0.0-beta21, se presenta una omisión de aislamiento de contexto, quiere decir que el código que se ejecuta en el contexto mundial principal en el renderizador puede alcanzar el contexto de Electron aislado y llevar a cabo acciones privilegiadas. • https://github.com/electron/electron/security/advisories/GHSA-6vrv-94jv-crrg https://www.electronjs.org/releases/stable?page=3#release-notes-for-v824 • CWE-501: Trust Boundary Violation •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2017-16151
https://notcve.org/view.php?id=CVE-2017-16151
Based on details posted by the ElectronJS team; A remote code execution vulnerability has been discovered in Google Chromium that affects all recent versions of Electron. Any Electron app that accesses remote content is vulnerable to this exploit, regardless of whether the [sandbox option](https://electron.atom.io/docs/api/sandbox-option) is enabled. En base a los detalles proporcionados por el equipo ElectronJS, se ha descubierto una vulnerabilidad de ejecución remota de código en Google Chromium que afecta a todas las versiones recientes de Electron. Cualquier aplicación de Electron que acceda a contenido remoto es vulnerable a este exploit, independientemente de si la [opción sandbox] (https://electron.atom.io/docs/api/sandbox-option) está habilitada. • https://electron.atom.io/blog/2017/09/27/chromium-rce-vulnerability-fix https://nodesecurity.io/advisories/539 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2018-1000118
https://notcve.org/view.php?id=CVE-2018-1000118
Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute. This attack appear to be exploitable via the victim opening an electron protocol handler in their browser. This vulnerability appears to have been fixed in Electron 1.8.2-beta.5. This issue is due to an incomplete fix for CVE-2018-1000006, specifically the black list used was not case insensitive allowing an attacker to potentially bypass it. Github Electron en su versión Electron 1.8.2-beta.4 y anteriores, contiene una vulnerabilidad de inyección de comandos en el manipulador de protocolos que puede resultar en la ejecución de comandos. • https://electronjs.org/releases#1.8.2-beta.5 https://github.com/electron/electron/commit/ce361a12e355f9e1e99c989f1ea056c9e502dbe7 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •