5 matches found
CVE-2020-15215
Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both contextIsolation and sandbox: true are affected. Apps using both contextIsolation and nodeIntegrationInSubFrames: true are affected. This is a context isolation bypass,...
CVE-2020-15215
CVE-2020-15215 affects Electron before 11.0.0-beta.6, 10.1.2, 9.3.1, or 8.5.2. It is a context isolation bypass whereby code running in the main world context in a renderer can access the isolated Electron context when apps use both contextIsolation and sandbox: true, or contextIsolation and node...
CVE-2020-15215 Context isolation bypass in Electron
Electron before versions 11.0.0-beta.6, 10.1.2, 9.3.1 or 8.5.2 is vulnerable to a context isolation bypass. Apps using both contextIsolation and sandbox: true are affected. Apps using both contextIsolation and nodeIntegrationInSubFrames: true are affected. This is a context isolation bypass,...
@amazingcat/amazing-iohook (>=8.2.3 <=8.3.3), @donmahallem/trapeze-client-desktop (=5.1.1) +15 more potentially affected by CVE-2020-15215 via electron (>=8.0.0-beta.1 <=8.5.1)
electron NPM version =8.0.0-beta.1, =8.2.3, =8.0.0, =0.1.0, =4.0.0-beta.1, =1.0.1, =1.7.0, =1.0.3, =1.0.5, =0.0.1, =1.1.35, =1.1.51 and more Source cves: CVE-2020-15215 Source advisory: OSV:GHSA-56PC-6JQP-XQJ8...
@capacitor-community/electron-core (>=0.0.2 <=1.0.1), @felixrieseberg/electron-prebuilt-compile (>=9.0.0 <=9.3.0) +16 more potentially affected by CVE-2020-15215 via electron (>=9.0.0-beta.1 <=9.3.0)
electron NPM version =9.0.0-beta.1, =0.0.2, =9.0.0, =5.0.0-1, =0.8.2, =0.1.1, =0.3.218, =0.2.9, =3.0.7, =9.0.0, =1.1.52, =3.2.13, =3.1.0, =3.1.10 and more Source cves: CVE-2020-15215 Source advisory: OSV:GHSA-56PC-6JQP-XQJ8...