CVSS: 9.8EPSS: 0%CPEs: 26EXPL: 0CVE-2022-29247 – Exposure of Resource to Wrong Sphere in Electron
https://notcve.org/view.php?id=CVE-2022-29247
Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows a renderer with JS execution to obtain access to a new renderer process with `nodeIntegrationInSubFrames` enabled which in turn allows effective access to `ipcRenderer`. The `nodeIntegrationInSubFrames` option does not implicitly grant Node.js access. Rather, it depends on the existing sandbox setting. If an application is sandboxed, then `nodeIntegrationInSubFrames` just gives access to the sandboxed renderer APIs, which include `ipcRenderer`. • https://github.com/electron/electron/security/advisories/GHSA-mq8j-3h7h-p8g7 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0CVE-2022-21718 – Renderers can obtain access to random bluetooth device without permission in Electron
https://notcve.org/view.php?id=CVE-2022-21718
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` allows renderers to obtain access to a bluetooth device via the web bluetooth API if the app has not configured a custom `select-bluetooth-device` event handler. This has been patched and Electron versions `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` contain the fix. Code from the GitHub Security Advisory can be added to the app to work around the issue. Electron es un marco de trabajo para escribir aplicaciones de escritorio multiplataforma usando JavaScript, HTML y CSS. • https://github.com/electron/electron/pull/32178 https://github.com/electron/electron/pull/32240 https://github.com/electron/electron/security/advisories/GHSA-3p22-ghq8-v749 • CWE-668: Exposure of Resource to Wrong Sphere CWE-862: Missing Authorization •
CVSS: 6.8EPSS: 0%CPEs: 100EXPL: 0CVE-2020-15215 – Context isolation bypass in Electron
https://notcve.org/view.php?id=CVE-2020-15215
Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Electron anteriores a las versiones 11.0.0-beta.6, 10.1.2, 9.3.1 o 8.5.2, es vulnerable a una omisión de aislamiento de contexto. • https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8 • CWE-668: Exposure of Resource to Wrong Sphere CWE-693: Protection Mechanism Failure •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-15174 – Unpreventable top-level navigation in Electron
https://notcve.org/view.php?id=CVE-2020-15174
In Electron before versions 11.0.0-beta.1, 10.0.1, 9.3.0 or 8.5.1 the `will-navigate` event that apps use to prevent navigations to unexpected destinations as per our security recommendations can be bypassed when a sub-frame performs a top-frame navigation across sites. The issue is patched in versions 11.0.0-beta.1, 10.0.1, 9.3.0 or 8.5.1 As a workaround sandbox all your iframes using the sandbox attribute. This will prevent them creating top-frame navigations and is good practice anyway. En Electron anteriores a las versiones 11.0.0-beta.1, 10.0.1, 9.3.0 o 8.5.1, el evento "will-navigate" que usa las aplicaciones para evitar la navegación a destinos inesperados según nuestras recomendaciones de seguridad se puede omitir cuando una sub-frame realiza una navegación top-frame a través de los sitios. El problema está parcheado en las versiones 11.0.0-beta.1, 10.0.1, 9.3.0 o 8.5.1. • https://github.com/electron/electron/commit/18613925610ba319da7f497b6deed85ad712c59b https://github.com/electron/electron/security/advisories/GHSA-2q4g-w47c-4674 • CWE-20: Improper Input Validation CWE-693: Protection Mechanism Failure •
CVSS: 6.8EPSS: 0%CPEs: 24EXPL: 0CVE-2020-15096 – Context isolation bypass via Promise in Electron
https://notcve.org/view.php?id=CVE-2020-15096
In Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Apps using "contextIsolation" are affected. There are no app-side workarounds, you must update your Electron version to be protected. This is fixed in versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21. En Electron antes de las versiones 6.1.1, 7.2.4, 8.2.4 y 9.0.0-beta21, se presenta una omisión de aislamiento de contexto, quiere decir que el código que se ejecuta en el contexto mundial principal en el renderizador puede alcanzar el contexto de Electron aislado y llevar a cabo acciones privilegiadas. • https://github.com/electron/electron/security/advisories/GHSA-6vrv-94jv-crrg https://www.electronjs.org/releases/stable?page=3#release-notes-for-v824 • CWE-501: Trust Boundary Violation •