In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass. Code running in the main world context in…
GitHub_M·CWE-501·Published 2020-07-07
In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass. Code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Apps using both `contextIsolation` and `contextBridge` are affected. This is fixed in versions 9.0.0-beta.21, 8.2.4 and 7.2.4.
In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass. Code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Apps using both `contextIsolation` and `contextBridge` are affected. This is fixed in versions 9.0.0-beta.21, 8.2.4 and 7.2.4.
### Impact Apps using both `contextIsolation` and `contextBridge` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. ### Workarounds There are no app-side workarounds, you must update your Electron version to be protected. ### Fixed Versions * `9.0.0-beta.21` * `8.2.4` * `7.2.4` ### For more information If you have any questions or comments about this advisory: * Email us at [security@electronjs.org](mailto:security@electronjs.org)
### Impact Apps using both `contextIsolation` and `contextBridge` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. ### Workarounds There are no app-side workarounds, you must update your Electron version to be protected. ### Fixed Versions * `9.0.0-beta.21` * `8.2.4` * `7.2.4` ### For more information If you have any questions or comments about this advisory: * Email us at [security@electronjs.org](mailto:security@electronjs.org)
En Electron antes de las versiones 7.2.4, 8.2.4 y 9.0.0-beta21, se presenta una omisión de aislamiento de contexto. El código que se ejecuta en el contexto mundial principal en el renderizador puede alcanzar el contexto Electron aislado y llevar a cabo acciones privilegiadas. Las aplicaciones que usan tanto "contextIsolation" como "contextBridge" están afectadas. Esto es corregido en las versiones 9.0.0-beta.21, 8.2.4 y 7.2.4
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 6.5 | 8.0 | 6.4 | AV:N/AC:L/Au:S/C:P/I:P/A:P |
| 3.1 | Primary | NVD | 9.9 | 3.1 | 6.0 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
| 3.1 | Primary | cve.org | 7.7 | — | — | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N |
| 3.1 | Primary | cve.org | 7.7 | — | — | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N |
| 3.1 | Secondary | GHSA | 7.7 | — | — | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N |
| 3.1 | Secondary | NVD | 7.7 | 3.1 | 4.0 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N |