cvelist / GitHub_M / CVELIST:CVE-2020-15174
History: Oct 06, 2020 - 5:35 p.m.

CVE-2020-15174 Unpreventable top-level navigation in Electron

2020-10-06 17:35:13
CWE-20
CWE-693
GitHub_M
www.cve.org
electron security issue
preventable navigation
patched versions
iframe sandboxing

CVSS3: 7.5

Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: LOW
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L

EPSS: 0.001
Percentile: 49.3%

In Electron before versions 11.0.0-beta.1, 10.0.1, 9.3.0 or 8.5.1, the will-navigate event that apps use to prevent navigations to unexpected destinations, as per our security recommendations, can be bypassed when a sub-frame performs a top-frame navigation across sites. The issue is patched in versions 11.0.0-beta.1, 10.0.1, 9.3.0 or 8.5.1. As a workaround, sandbox all your iframes using the sandbox attribute. This will prevent them from creating top-frame navigations and is good practice anyway.
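The workaround above in practice, as an added example that is not Electron's own code or part of this record: an audit over constructed HTML that flags iframes lacking the sandbox attribute or carrying a token that re-enables top-level navigation, plus the origin allowlist check a will-navigate handler would call. The helper names (parseAttrs, auditIframeSandbox, isAllowedNavigation) and the sample page are assumptions.

```javascript
// Added example, not Electron's code; helper names (parseAttrs, auditIframeSandbox, isAllowedNavigation) are assumptions.
// Sandbox tokens that let a frame navigate the top-level browsing context; none may be granted.
const TOP_NAV_TOKENS = new Set(['allow-top-navigation', 'allow-top-navigation-by-user-activation']);

// Parse one tag's attribute string into a name -> value map (bare attributes map to '').
function parseAttrs(attrs) {
  const map = {};
  const re = /([a-zA-Z-]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  let m;
  while ((m = re.exec(attrs)) !== null) {
    map[m[1].toLowerCase()] = [m[2], m[3], m[4]].find((v) => v !== undefined) || '';
  }
  return map;
}

// Flag iframes that are unsandboxed or whose sandbox still allows top-level navigation.
function auditIframeSandbox(html) {
  const findings = [];
  const iframeRe = /<iframe\b([^>]*)>/gi;
  let m;
  while ((m = iframeRe.exec(html)) !== null) {
    const a = parseAttrs(m[1]);
    const src = a.src || '(no src)';
    if (!('sandbox' in a)) {
      findings.push({ src, problem: 'missing sandbox attribute' });
      continue;
    }
    const granted = a.sandbox.toLowerCase().split(/\s+/).filter((t) => TOP_NAV_TOKENS.has(t));
    if (granted.length) findings.push({ src, problem: `sandbox grants ${granted.join(', ')}` });
  }
  return findings;
}

// Origin allowlist check for a will-navigate handler; unparsable URLs are denied.
function isAllowedNavigation(targetUrl, allowedOrigins) {
  try { return allowedOrigins.includes(new URL(targetUrl).origin); } catch (e) { return false; }
}
// Electron main-process wiring (real API, not run here):
//   win.webContents.on('will-navigate', (event, url) => {
//     if (!isAllowedNavigation(url, ['https://app.example'])) event.preventDefault(); });

// Constructed sample page for the audit.
const SAMPLE_HTML = `
<iframe src="https://ads.example/ad.html"></iframe>
<iframe src="https://widget.example/w.html" sandbox="allow-scripts allow-top-navigation"></iframe>
<iframe src="https://safe.example/s.html" sandbox="allow-scripts"></iframe>
<iframe src="https://inert.example/i.html" sandbox></iframe>`;
console.log(auditIframeSandbox(SAMPLE_HTML));
```

The audit alone does not close the Electron bug; it only verifies that the workaround is applied consistently until the patched version is deployed.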

CNA Affected

[
  {
    "product": "electron",
    "vendor": "electron",
    "versions": [
      {
        "status": "affected",
        "version": ">= 8.0.0-beta.0, < 8.5.1"
      },
      {
        "status": "affected",
        "version": ">= 9.0.0-beta.0, < 9.3.0"
      },
      {
        "status": "affected",
        "version": ">= 10.0.0-beta.0, < 10.0.1"
      }
    ]
  }
]

