Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Electron version 1.7 up to 1.7.12; 1.8 up to 1.8.3 and 2.0.0 up to 2.0.0-beta.3 contains an improper handling of values vulnerability in Webviews that can result in remote code execution. This attack appear to be exploitable via an app which allows execution of 3rd party code AND disallows node integration AND has not specified if webview is enabled/disabled. This vulnerability appears to have been fixed in 1.7.13, 1.8.4, 2.0.0-beta.4.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GitHub Electron Webviews 安全漏洞
Vulnerability Description
GitHub Electron(前称Atom Shell)是美国GitHub公司负责维护的一套基于Web技术的跨平台桌面应用开发工具。Webviews是其中的一个Web查看界面。 GitHub Electron 1.7版本至1.7.12版本,1.8版本至1.8.3版本和2.0.0版本至2.0.0-beta.3版本中的Webviews存在安全漏洞,该漏洞源于程序没有正确的处理值。远程攻击者可借助应用程序利用该漏洞执行代码。
CVSS Information
N/A
Vulnerability Type
N/A