CyberSec.Space Logo
返回 CVE 浏览器

CVE-2017-16151

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0140%
EPSS Percentile8.70th
Published2018年6月7日
Last Modified2024年11月21日

Vulnerability Description

Based on details posted by the ElectronJS team; A remote code execution vulnerability has been discovered in Google Chromium that affects all recent versions of Electron. Any Electron app that accesses remote content is vulnerable to this exploit, regardless of whether the [sandbox option](https://electron.atom.io/docs/api/sandbox-option) is enabled.

Affected Platforms (CPE)

📦
Electronjs

Electron

< 1.7.8

References & Advisories

🔗 https://electron.atom.io/blog/2017/09/27/chromium-rce-vulnerability-fix
🔗 https://nodesecurity.io/advisories/539
🔗 https://electron.atom.io/blog/2017/09/27/chromium-rce-vulnerability-fix
🔗 https://nodesecurity.io/advisories/539

相关漏洞威胁

CVE-2020-188910.0

A security feature bypass issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed for sandbox escape in Electron ...

CVE-2008-311610.0

Format string vulnerability in dx8render.dll in Snail Game (aka Suzhou Snail Electronic Company) 5th street (aka Hot Step or High ...

CVE-2020-1207910.0

Beaker before 0.8.9 allows a sandbox escape, enabling system access and code execution. This occurs because Electron context isola...

CVE-2008-509010.0

Electron Inc. Advanced Electron Forum before 1.0.7 allows remote attackers to execute arbitrary PHP code via PHP code embedded in ...