Vulnerabilities > Evernote > Evernote > 7.7

DATE CVE VULNERABILITY TITLE RISK
2019-09-30 CVE-2019-17051 Incorrect Permission Assignment for Critical Resource vulnerability in Evernote
Evernote before 7.13 GA on macOS allows code execution because the com.apple.quarantine attribute is not used for attachment files, as demonstrated by a one-click attack involving a drag-and-drop operation on a crafted Terminal file.
local
low complexity
evernote CWE-732
7.8