9.4 High
AI Score
Confidence
High
0.036 Low
EPSS
Percentile
91.6%
Clipper before 1.0.5 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal API.
github.com/AkashRajpurohit/clipper/issues/13
github.com/AkashRajpurohit/clipper/pull/14
github.com/AkashRajpurohit/clipper/pull/14/commits/28f1492a12234cf1e6af85c78bf22ee2f5090d19
github.com/AkashRajpurohit/clipper/releases/tag/v1.0.5