Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:nuget/CefSharp.WinForms.NETCore@99.2.90

Type nuget

Namespace

Name CefSharp.WinForms.NETCore

Version 99.2.90

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 134.3.90

Latest_non_vulnerable_version 134.3.90

Affected_by_vulnerabilities

url VCID-u9e3-f1kh-nkgn

vulnerability_id VCID-u9e3-f1kh-nkgn

summary

CefSharp affected by incorrect handle provided in unspecified circumstances in Mojo on Windows
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)

https://nvd.nist.gov/vuln/detail/CVE-2025-2783
https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html
https://issues.chromium.org/issues/405143032

references

reference_url

https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html

reference_url

https://github.com/cefsharp/CefSharp

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cefsharp/CefSharp

reference_url

https://github.com/cefsharp/CefSharp/releases/tag/v134.3.90

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cefsharp/CefSharp/releases/tag/v134.3.90

reference_url

https://github.com/cefsharp/CefSharp/security/advisories/GHSA-f87w-3j5w-v58p

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/cefsharp/CefSharp/security/advisories/GHSA-f87w-3j5w-v58p

reference_url

https://issues.chromium.org/issues/405143032

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://issues.chromium.org/issues/405143032

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-2783

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-2783

reference_url

https://github.com/advisories/GHSA-f87w-3j5w-v58p

reference_id

GHSA-f87w-3j5w-v58p

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-f87w-3j5w-v58p

fixed_packages

url	pkg:nuget/CefSharp.WinForms.NETCore@134.3.90
purl	pkg:nuget/CefSharp.WinForms.NETCore@134.3.90
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:nuget/CefSharp.WinForms.NETCore@134.3.90

aliases GHSA-f87w-3j5w-v58p

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u9e3-f1kh-nkgn

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:nuget/CefSharp.WinForms.NETCore@99.2.90

Package Instance