GitHub Advisory DatabaseGHSA-HVF8-H2QH-37M9IPC messages delivered to the wrong frame in Electron
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS
Percentile
42.0%
Impact
IPC messages sent from the main process to a subframe in the renderer process, through webContents.sendToFrame, event.reply or when using the remote module, can in some cases be delivered to the wrong frame.
If your app does ANY of the following, then it is impacted by this issue:
- Uses
remote - Calls
webContents.sendToFrame - Calls
event.replyin an IPC message handler
Patches
This has been fixed in the following versions:
- 9.4.0
- 10.2.0
- 11.1.0
- 12.0.0-beta.9
Workarounds
There are no workarounds for this issue.
For more information
If you have any questions or comments about this advisory, email us at [email protected].
Affected configurations
References
github.com/advisories/GHSA-hvf8-h2qh-37m9
github.com/electron/electron/commit/07a1c2a3e5845901f7e2eda9506695be58edc73c
github.com/electron/electron/pull/26875
github.com/electron/electron/releases/tag/v9.4.0
github.com/electron/electron/security/advisories/GHSA-hvf8-h2qh-37m9
nvd.nist.gov/vuln/detail/CVE-2020-26272
www.electronjs.org/releases/stable?version=9#9.4.0
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS
Percentile
42.0%