VulnerableCode Package Details - pkg:nuget/CefSharp.Wpf.HwndHost@86.0.241

Search for packages

Vulnerability	Summary	Fixed by
VCID-57ne-vzp6-b7f4 Aliases: CVE-2022-0609 GHSA-vv6j-ww6x-54gx GMS-2022-140 GMS-2022-141 GMS-2022-142 GMS-2022-143 GMS-2022-144 GMS-2022-145 GMS-2022-146 GMS-2022-147 GMS-2022-148	Use after free in Animation. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. It demands that the victim is doing some kind of user interaction. Technical details are unknown but an exploit is available. There is currently little other public information on the issue other than it has been flagged as `High` severity.	98.1.210 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-u9e3-f1kh-nkgn Aliases: GHSA-f87w-3j5w-v58p	CefSharp affected by incorrect handle provided in unspecified circumstances in Mojo on Windows Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High) https://nvd.nist.gov/vuln/detail/CVE-2025-2783 https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html https://issues.chromium.org/issues/405143032	134.3.90 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-57ne-vzp6-b7f4
Aliases:
CVE-2022-0609
GHSA-vv6j-ww6x-54gx
GMS-2022-140
GMS-2022-141
GMS-2022-142
GMS-2022-143
GMS-2022-144
GMS-2022-145
GMS-2022-146
GMS-2022-147
GMS-2022-148

Use after free in Animation. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. It demands that the victim is doing some kind of user interaction. Technical details are unknown but an exploit is available. There is currently little other public information on the issue other than it has been flagged as `High` severity.

98.1.210
Affected by 1 other vulnerability.

VCID-u9e3-f1kh-nkgn
Aliases:
GHSA-f87w-3j5w-v58p

CefSharp affected by incorrect handle provided in unspecified circumstances in Mojo on Windows Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High) https://nvd.nist.gov/vuln/detail/CVE-2025-2783 https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_25.html https://issues.chromium.org/issues/405143032

134.3.90
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-cfg9-fy1r-uqg6	CVE-2020-16009: Inappropriate implementation in V8 - https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop.html - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16009 Google is aware of reports that exploits for CVE-2020-16009 exist in the wild. Allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. There is currently little to no public information on the issue other than it has been flagged as `High` severity.	CVE-2020-16009 GHSA-m7mf-48hp-5qmr
VCID-mcug-5ay7-cqdz	Use after free in CefSharp CVE-2020-16017: Use after free in site isolation - https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16017 Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild. There is currently little to no public information on the issue other than it has been flagged as `High` severity.	CVE-2020-16017 GHSA-gvqv-779r-4jgp
VCID-mk69-tcsj-u7h1	Inappropriate implementation in V8 in CefSharp High CVE-2020-16013: Inappropriate implementation in V8. - https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16013 Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild. There is currently little to no public information on the issue other than it has been flagged as `High` severity.	CVE-2020-16013 GHSA-x7fx-mcc9-27j7

Vulnerability

Summary

Aliases

VCID-cfg9-fy1r-uqg6

CVE-2020-16009: Inappropriate implementation in V8 - https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop.html - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16009 Google is aware of reports that exploits for CVE-2020-16009 exist in the wild. Allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. There is currently little to no public information on the issue other than it has been flagged as `High` severity.

CVE-2020-16009
GHSA-m7mf-48hp-5qmr

VCID-mcug-5ay7-cqdz

Use after free in CefSharp CVE-2020-16017: Use after free in site isolation - https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16017 Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild. There is currently little to no public information on the issue other than it has been flagged as `High` severity.

CVE-2020-16017
GHSA-gvqv-779r-4jgp

VCID-mk69-tcsj-u7h1

Inappropriate implementation in V8 in CefSharp High CVE-2020-16013: Inappropriate implementation in V8. - https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16013 Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild. There is currently little to no public information on the issue other than it has been flagged as `High` severity.

CVE-2020-16013
GHSA-x7fx-mcc9-27j7

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T23:26:37.399413+00:00	GitLab Importer	Affected by	VCID-u9e3-f1kh-nkgn	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/CefSharp.Wpf.HwndHost/GHSA-f87w-3j5w-v58p.yml	38.4.0
2026-04-16T21:40:59.439146+00:00	GitLab Importer	Affected by	VCID-57ne-vzp6-b7f4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/CefSharp.Wpf.HwndHost/GMS-2022-147.yml	38.4.0
2026-04-12T00:46:04.072557+00:00	GitLab Importer	Affected by	VCID-u9e3-f1kh-nkgn	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/CefSharp.Wpf.HwndHost/GHSA-f87w-3j5w-v58p.yml	38.3.0
2026-04-11T22:56:20.991500+00:00	GitLab Importer	Affected by	VCID-57ne-vzp6-b7f4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/CefSharp.Wpf.HwndHost/GMS-2022-147.yml	38.3.0
2026-04-03T00:54:01.763659+00:00	GitLab Importer	Affected by	VCID-u9e3-f1kh-nkgn	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/CefSharp.Wpf.HwndHost/GHSA-f87w-3j5w-v58p.yml	38.1.0
2026-04-02T23:05:21.474089+00:00	GitLab Importer	Affected by	VCID-57ne-vzp6-b7f4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/CefSharp.Wpf.HwndHost/GMS-2022-147.yml	38.1.0
2026-04-02T16:56:02.935476+00:00	GHSA Importer	Fixing	VCID-cfg9-fy1r-uqg6	https://github.com/advisories/GHSA-m7mf-48hp-5qmr	38.1.0
2026-04-02T16:56:02.484227+00:00	GHSA Importer	Fixing	VCID-mcug-5ay7-cqdz	https://github.com/advisories/GHSA-gvqv-779r-4jgp	38.1.0
2026-04-02T16:56:02.382851+00:00	GHSA Importer	Fixing	VCID-mk69-tcsj-u7h1	https://github.com/advisories/GHSA-x7fx-mcc9-27j7	38.1.0
2026-04-02T12:37:42.579784+00:00	GitLab Importer	Fixing	VCID-cfg9-fy1r-uqg6	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/CefSharp.Wpf.HwndHost/CVE-2020-16009.yml	38.0.0
2026-04-02T12:37:42.153363+00:00	GitLab Importer	Fixing	VCID-mk69-tcsj-u7h1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/CefSharp.Wpf.HwndHost/CVE-2020-16013.yml	38.0.0
2026-04-02T12:37:42.110301+00:00	GitLab Importer	Fixing	VCID-mcug-5ay7-cqdz	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/CefSharp.Wpf.HwndHost/CVE-2020-16017.yml	38.0.0
2026-04-01T17:24:22.201838+00:00	GitLab Importer	Affected by	VCID-57ne-vzp6-b7f4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/CefSharp.Wpf.HwndHost/GMS-2022-147.yml	38.0.0
2026-04-01T13:00:20.512917+00:00	GithubOSV Importer	Fixing	VCID-mk69-tcsj-u7h1	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/11/GHSA-x7fx-mcc9-27j7/GHSA-x7fx-mcc9-27j7.json	38.0.0
2026-04-01T13:00:16.483052+00:00	GithubOSV Importer	Fixing	VCID-mcug-5ay7-cqdz	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/11/GHSA-gvqv-779r-4jgp/GHSA-gvqv-779r-4jgp.json	38.0.0
2026-04-01T13:00:04.448497+00:00	GithubOSV Importer	Fixing	VCID-cfg9-fy1r-uqg6	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/12/GHSA-m7mf-48hp-5qmr/GHSA-m7mf-48hp-5qmr.json	38.0.0