Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Code Signing Bypass on Windows in electron-updater < 6.3.0-alpha.6
Vulnerability Description
electron-updater allows for automatic updates for Electron apps. The file `packages/electron-updater/src/windowsExecutableCodeSignatureVerifier.ts` implements the signature validation routine for Electron applications on Windows. Because of the surrounding shell, a first pass by `cmd.exe` expands any environment variable found in command-line above. This creates a situation where `verifySignature()` can be tricked into validating the certificate of a different file than the one that was just downloaded. If the step is successful, the malicious update will be executed even if its signature is invalid. This attack assumes a compromised update manifest (server compromise, Man-in-the-Middle attack if fetched over HTTP, Cross-Site Scripting to point the application to a malicious updater server, etc.). The patch is available starting from 6.3.0-alpha.6.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
变量名分隔符转义处理不恰当
Vulnerability Title
electron-builder 安全漏洞
Vulnerability Description
electron-builder是一个用于打包和构建可供分发的Electron、Proton Native应用程序,适用于 macOS、Windows 和 Linux,并提供开箱即用的“自动更新”支持。 electron-builder 6.3.0-alpha.6之前版本存在安全漏洞,该漏洞源于可以绕过Windows上的代码签名,允许应用自动更新。
CVSS Information
N/A
Vulnerability Type
N/A