Github Electron version 1.6.4 - 1.6.11 and 1.7.0 - 1.7.5 is vulnerable to a URL Spoofing problem when opening PDFs in PDFium resulting loading arbitrary PDFs that a hacker can control.
References
Link | Resource |
---|---|
https://github.com/electron/electron/pull/10008 | Third Party Advisory |
https://github.com/electron/electron/pull/10008/files | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:23:10
Updated: 2022-10-03T16:23:10
Reserved: 2022-10-03T00:00:00
Link: CVE-2017-1000424
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-01-02T20:29:00.283
Modified: 2019-10-03T00:03:26.223
Link: CVE-2017-1000424
JSON object: View
Redhat Information
No data.
CWE