CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS
Percentile
42.0%
IPC messages sent from the main process to a subframe in the renderer process, through webContents.sendToFrame
, event.reply
or when using the remote
module, can in some cases be delivered to the wrong frame.
If your app does ANY of the following, then it is impacted by this issue:
remote
webContents.sendToFrame
event.reply
in an IPC message handlerThis has been fixed in the following versions:
There are no workarounds for this issue.
If you have any questions or comments about this advisory, email us at [email protected].
github.com/advisories/GHSA-hvf8-h2qh-37m9
github.com/electron/electron/commit/07a1c2a3e5845901f7e2eda9506695be58edc73c
github.com/electron/electron/pull/26875
github.com/electron/electron/releases/tag/v9.4.0
github.com/electron/electron/security/advisories/GHSA-hvf8-h2qh-37m9
nvd.nist.gov/vuln/detail/CVE-2020-26272
www.electronjs.org/releases/stable?version=9#9.4.0
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS
Percentile
42.0%