Vulnerabilities > Electronjs > Electron > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-07 | CVE-2020-15096 | Unspecified vulnerability in Electronjs Electron In Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. | 4.0 |
| 2018-08-23 | CVE-2018-15685 | Insecure Default Initialization of Resource vulnerability in Electronjs Electron GitHub Electron 1.7.15, 1.8.7, 2.0.7, and 3.0.0-beta.6, in certain scenarios involving IFRAME elements and "nativeWindowOpen: true" or "sandbox: true" options, is affected by a WebPreferences vulnerability that can be leveraged to perform remote code execution. | 6.8 |
| 2018-03-23 | CVE-2018-1000136 | Improper Input Validation vulnerability in Electronjs Electron Electron version 1.7 up to 1.7.12; 1.8 up to 1.8.3 and 2.0.0 up to 2.0.0-beta.3 contains an improper handling of values vulnerability in Webviews that can result in remote code execution. | 6.8 |