CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-23742

An issue in Loom on macOS version 0.196.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. NOTE: the vendor disputes this because it requires local access to a victim's machine.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.215

EPSS Ranking 95.4%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/V3x0r/CVE-2024-23742
https://www.electronjs.org/blog/statement-run-as-node-cves
https://github.com/V3x0r/CVE-2024-23742
https://www.electronjs.org/blog/statement-run-as-node-cves

Products affected by CVE-2024-23742

Loom » Loom » Version: N/A

cpe:2.3:a:loom:loom:-
Loom » Loom » Version: 0.196.1

cpe:2.3:a:loom:loom:0.196.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-23742

Products

Pricing

Contact Us