CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-16151

Based on details posted by the ElectronJS team; A remote code execution vulnerability has been discovered in Google Chromium that affects all recent versions of Electron. Any Electron app that accesses remote content is vulnerable to this exploit, regardless of whether the [sandbox option](https://electron.atom.io/docs/api/sandbox-option) is enabled.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.028

EPSS Ranking 85.5%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://electron.atom.io/blog/2017/09/27/chromium-rce-vulnerability-fix
https://nodesecurity.io/advisories/539
https://electron.atom.io/blog/2017/09/27/chromium-rce-vulnerability-fix
https://nodesecurity.io/advisories/539

Products affected by CVE-2017-16151

Electronjs » Electron » Version: Any

cpe:2.3:a:electronjs:electron:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-16151

Products

Pricing

Contact Us