Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:alpm/archlinux/electron@11.0.4-1
Typealpm
Namespacearchlinux
Nameelectron
Version11.0.4-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version11.1.0-1
Latest_non_vulnerable_version11.1.0-1
Affected_by_vulnerabilities
0
url VCID-1x44-uf31-1ydv
vulnerability_id VCID-1x44-uf31-1ydv
summary 
IPC messages delivered to the wrong frame in Electron
### Impact
IPC messages sent from the main process to a subframe in the renderer process, through `webContents.sendToFrame`, `event.reply` or when using the `remote` module, can in some cases be delivered to the wrong frame.

If your app does ANY of the following, then it is impacted by this issue:
- Uses `remote`
- Calls `webContents.sendToFrame`
- Calls `event.reply` in an IPC message handler

### Patches
This has been fixed in the following versions:

- 9.4.0
- 10.2.0
- 11.1.0
- 12.0.0-beta.9

### Workarounds
There are no workarounds for this issue.

### For more information
If you have any questions or comments about this advisory, email us at [security@electronjs.org](mailto:security@electronjs.org).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26272
reference_id
reference_type
scores
0
value 0.00965
scoring_system epss
scoring_elements 0.76513
published_at 2026-04-07T12:55:00Z
1
value 0.00965
scoring_system epss
scoring_elements 0.76587
published_at 2026-04-21T12:55:00Z
2
value 0.00965
scoring_system epss
scoring_elements 0.76599
published_at 2026-04-18T12:55:00Z
3
value 0.00965
scoring_system epss
scoring_elements 0.76596
published_at 2026-04-16T12:55:00Z
4
value 0.00965
scoring_system epss
scoring_elements 0.76554
published_at 2026-04-13T12:55:00Z
5
value 0.00965
scoring_system epss
scoring_elements 0.76561
published_at 2026-04-12T12:55:00Z
6
value 0.00965
scoring_system epss
scoring_elements 0.76582
published_at 2026-04-11T12:55:00Z
7
value 0.00965
scoring_system epss
scoring_elements 0.76496
published_at 2026-04-01T12:55:00Z
8
value 0.00965
scoring_system epss
scoring_elements 0.76556
published_at 2026-04-09T12:55:00Z
9
value 0.00965
scoring_system epss
scoring_elements 0.76545
published_at 2026-04-08T12:55:00Z
10
value 0.00965
scoring_system epss
scoring_elements 0.76501
published_at 2026-04-02T12:55:00Z
11
value 0.00965
scoring_system epss
scoring_elements 0.7653
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26272
1
reference_url https://github.com/electron/electron/commit/07a1c2a3e5845901f7e2eda9506695be58edc73c
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/commit/07a1c2a3e5845901f7e2eda9506695be58edc73c
2
reference_url https://github.com/electron/electron/commit/0bbd268eb4caf35604443df5ff196980dd49e208
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/commit/0bbd268eb4caf35604443df5ff196980dd49e208
3
reference_url https://github.com/electron/electron/commit/36c695ce2a7e22c07fe1e30c61c00d20371daee2
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/commit/36c695ce2a7e22c07fe1e30c61c00d20371daee2
4
reference_url https://github.com/electron/electron/commit/429400040ecb16a21d19936658579e65a797e4cc
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/commit/429400040ecb16a21d19936658579e65a797e4cc
5
reference_url https://github.com/electron/electron/commit/5c8e7e8b7f485ceafa8b271086d7b87e1de9dedd
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/commit/5c8e7e8b7f485ceafa8b271086d7b87e1de9dedd
6
reference_url https://github.com/electron/electron/pull/26875
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/pull/26875
7
reference_url https://github.com/electron/electron/releases/tag/v9.4.0
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/releases/tag/v9.4.0
8
reference_url https://github.com/electron/electron/security/advisories/GHSA-hvf8-h2qh-37m9
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/security/advisories/GHSA-hvf8-h2qh-37m9
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26272
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26272
10
reference_url https://www.electronjs.org/releases/stable?version=9#9.4.0
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.electronjs.org/releases/stable?version=9#9.4.0
11
reference_url https://security.archlinux.org/AVG-1503
reference_id AVG-1503
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1503
12
reference_url https://github.com/advisories/GHSA-hvf8-h2qh-37m9
reference_id GHSA-hvf8-h2qh-37m9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hvf8-h2qh-37m9
fixed_packages
0
url pkg:alpm/archlinux/electron@11.1.0-1
purl pkg:alpm/archlinux/electron@11.1.0-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/electron@11.1.0-1
aliases CVE-2020-26272, GHSA-hvf8-h2qh-37m9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1x44-uf31-1ydv
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/electron@11.0.4-1