Lucene search
MitreCVELIST:CVE-2018-1000136HistoryMar 23, 2018 - 7:00 p.m.
CVE-2018-1000136
2018-03-2319:00:00
mitre
www.cve.org
4
Electron version 1.7 up to 1.7.12; 1.8 up to 1.8.3 and 2.0.0 up to 2.0.0-beta.3 contains an improper handling of values vulnerability in Webviews that can result in remote code execution. This attack appear to be exploitable via an app which allows execution of 3rd party code AND disallows node integration AND has not specified if webview is enabled/disabled. This vulnerability appears to have been fixed in 1.7.13, 1.8.4, 2.0.0-beta.4.
Related
osv
osv
Electron Vulnerable to Code Execution by Re-Enabling Node.js Integration
2018-03-26 16:41:17
CVE-2018-1000136
2018-03-23 19:29:00
thn
thn
Simple bug could lead to RCE flaw on apps built with Electron Framework
2018-05-14 09:46:00
talosblog
talosblog
checkpoint_advisories
checkpoint_advisories
Electron NodeIntegration Remote Code Execution (CVE-2018-1000136)
2018-05-15 00:00:00
prion
prion
Input validation
2018-03-23 19:29:00
github
github
Electron Vulnerable to Code Execution by Re-Enabling Node.js Integration
2018-03-26 16:41:17
redhatcve
redhatcve
CVE-2018-1000136
2018-03-23 21:48:57
nvd
nvd
CVE-2018-1000136
2018-03-23 19:29:00
cve
cve
CVE-2018-1000136
2018-03-23 19:29:00