6 matches found
CVE-2021-45707 vulnerabilities
Vulnerabilities for packages: nsexec...
GHSA-76W9-P8MG-J927 vulnerabilities
Vulnerabilities for packages: nsexec...
GHSA-WGRG-5H56-JG27 vulnerabilities
Vulnerabilities for packages: nsexec...
CVE-2024-27303
electron-builder is a solution to package and build a ready for distribution Electron, Proton Native app for macOS, Windows and Linux. A vulnerability that only affects eletron-builder prior to 24.13.2 in Windows, the NSIS installer makes a system call to open cmd.exe via NSExec in the .nsh...
CVE-2024-27303 electron-builder's NSIS installer - execute arbitrary code on the target machine (Windows only)
electron-builder is a solution to package and build a ready for distribution Electron, Proton Native app for macOS, Windows and Linux. A vulnerability that only affects eletron-builder prior to 24.13.2 in Windows, the NSIS installer makes a system call to open cmd.exe via NSExec in the .nsh...
Privilege Escalation
app-builder-lib is vulnerable to Privilege escalation. The vulnerability is due to NSExec searching the current directory of the installer before searching the system's PATH when making a system call to open cmd.exe in the .nsh installer script. This flaw allows an attacker to exploit the situati...