24 matches found
CVE-2017-12581
GitHub Electron before 1.6.8 allows remote command execution because of a nodeIntegration bypass vulnerability. This also affects all applications that bundle Electron code equivalent to 1.6.8 or earlier. Bypassing the Same Origin Policy SOP is a precondition; however, recent Electron versions do...
Design/Logic Flaw
GitHub Electron before 1.6.8 allows remote command execution because of a nodeIntegration bypass vulnerability. This also affects all applications that bundle Electron code equivalent to 1.6.8 or earlier. Bypassing the Same Origin Policy SOP is a precondition; however, recent Electron versions do...
CVE-2017-12581
CVE-2017-12581 affects GitHub Electron before 1.6.8, where a nodeIntegration bypass can bypass the Same Origin Policy and allow remote command execution. A privileged chrome-devtools:// URL could eval Node.js primitives (e.g., child_process.execFile), enabling OS commands on the user’s host. The ...
CVE-2017-12581
GitHub Electron before 1.6.8 allows remote command execution because of a nodeIntegration bypass vulnerability. This also affects all applications that bundle Electron code equivalent to 1.6.8 or earlier. Bypassing the Same Origin Policy SOP is a precondition; however, recent Electron versions do...