Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/electron@8.2.3
Typenpm
Namespace
Nameelectron
Version8.2.3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version9.4.0
Latest_non_vulnerable_version42.0.0-alpha.5
Affected_by_vulnerabilities
0
url VCID-26d6-eg4q-w7c6
vulnerability_id VCID-26d6-eg4q-w7c6
summary 
Files or Directories Accessible to External Parties
In Electron, an arbitrary local file read is possible by defining unsafe window options on a child window opened via `window.open.` As a workaround, ensure you are calling `event.preventDefault()` on all `new-window` events where the `url` or `options` is not something you expect.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-4075
reference_id
reference_type
scores
0
value 0.0024
scoring_system epss
scoring_elements 0.47462
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-4075
1
reference_url https://github.com/electron/electron/security/advisories/GHSA-f9mq-jph6-9mhm
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/security/advisories/GHSA-f9mq-jph6-9mhm
2
reference_url https://www.electronjs.org/releases/stable?page=3#release-notes-for-v824
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.electronjs.org/releases/stable?page=3#release-notes-for-v824
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-4075
reference_id CVE-2020-4075
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-4075
fixed_packages
0
url pkg:npm/electron@8.2.4
purl pkg:npm/electron@8.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nm8y-5g5d-quaf
1
vulnerability VCID-p3vt-avbt-kyed
2
vulnerability VCID-xngs-29hg-7kh9
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@8.2.4
1
url pkg:npm/electron@9.0.1
purl pkg:npm/electron@9.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nm8y-5g5d-quaf
1
vulnerability VCID-p3vt-avbt-kyed
2
vulnerability VCID-xngs-29hg-7kh9
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@9.0.1
aliases CVE-2020-4075, GHSA-f9mq-jph6-9mhm
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-26d6-eg4q-w7c6
1
url VCID-c9ut-fk1h-gfe4
vulnerability_id VCID-c9ut-fk1h-gfe4
summary 
Trust Boundary Violation
In Electron, there is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Apps using `contextIsolation` are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15096
reference_id
reference_type
scores
0
value 0.0042
scoring_system epss
scoring_elements 0.62253
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15096
1
reference_url https://github.com/electron/electron/security/advisories/GHSA-6vrv-94jv-crrg
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/security/advisories/GHSA-6vrv-94jv-crrg
2
reference_url https://www.electronjs.org/releases/stable?page=3#release-notes-for-v824
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.electronjs.org/releases/stable?page=3#release-notes-for-v824
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-15096
reference_id CVE-2020-15096
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-15096
fixed_packages
0
url pkg:npm/electron@8.2.4
purl pkg:npm/electron@8.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nm8y-5g5d-quaf
1
vulnerability VCID-p3vt-avbt-kyed
2
vulnerability VCID-xngs-29hg-7kh9
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@8.2.4
1
url pkg:npm/electron@9.0.1
purl pkg:npm/electron@9.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nm8y-5g5d-quaf
1
vulnerability VCID-p3vt-avbt-kyed
2
vulnerability VCID-xngs-29hg-7kh9
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@9.0.1
aliases CVE-2020-15096, GHSA-6vrv-94jv-crrg
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c9ut-fk1h-gfe4
2
url VCID-j37m-6stt-2bax
vulnerability_id VCID-j37m-6stt-2bax
summary 
Trust Boundary Violation
In Electron, there is a context isolation bypass. Code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Apps using both `contextIsolation` and `contextBridge` are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-4077
reference_id
reference_type
scores
0
value 0.00436
scoring_system epss
scoring_elements 0.63317
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-4077
1
reference_url https://github.com/electron/electron/commit/b8e347709245d2dc5640fbb3044d9b21b4eaa6b0
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/commit/b8e347709245d2dc5640fbb3044d9b21b4eaa6b0
2
reference_url https://github.com/electron/electron/security/advisories/GHSA-h9jc-284h-533g
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/security/advisories/GHSA-h9jc-284h-533g
3
reference_url https://www.electronjs.org/releases/stable?page=3#release-notes-for-v824
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.electronjs.org/releases/stable?page=3#release-notes-for-v824
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-4077
reference_id CVE-2020-4077
reference_type
scores
0
value 7.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-4077
fixed_packages
0
url pkg:npm/electron@8.2.4
purl pkg:npm/electron@8.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nm8y-5g5d-quaf
1
vulnerability VCID-p3vt-avbt-kyed
2
vulnerability VCID-xngs-29hg-7kh9
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@8.2.4
1
url pkg:npm/electron@9.0.1
purl pkg:npm/electron@9.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nm8y-5g5d-quaf
1
vulnerability VCID-p3vt-avbt-kyed
2
vulnerability VCID-xngs-29hg-7kh9
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@9.0.1
aliases CVE-2020-4077, GHSA-h9jc-284h-533g
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j37m-6stt-2bax
3
url VCID-nm8y-5g5d-quaf
vulnerability_id VCID-nm8y-5g5d-quaf
summary 
Improper Input Validation
In Electron the `will-navigate` event that apps use to prevent navigations to unexpected destinations as per our security recommendations can be bypassed when a sub-frame performs a top-frame navigation across sites. The issue is patched As a workaround sandbox all your iframes using the sandbox attribute. This will prevent them creating top-frame navigations and is good practice anyway.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15174
reference_id
reference_type
scores
0
value 0.00296
scoring_system epss
scoring_elements 0.53157
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15174
1
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
2
reference_url https://github.com/electron/electron/commit/18613925610ba319da7f497b6deed85ad712c59b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/commit/18613925610ba319da7f497b6deed85ad712c59b
3
reference_url https://github.com/electron/electron/security/advisories/GHSA-2q4g-w47c-4674
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/security/advisories/GHSA-2q4g-w47c-4674
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-15174
reference_id CVE-2020-15174
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-15174
fixed_packages
0
url pkg:npm/electron@8.5.1
purl pkg:npm/electron@8.5.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p3vt-avbt-kyed
1
vulnerability VCID-xngs-29hg-7kh9
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@8.5.1
1
url pkg:npm/electron@9.3.0
purl pkg:npm/electron@9.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p3vt-avbt-kyed
1
vulnerability VCID-xngs-29hg-7kh9
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@9.3.0
2
url pkg:npm/electron@10.0.1
purl pkg:npm/electron@10.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p3vt-avbt-kyed
1
vulnerability VCID-xngs-29hg-7kh9
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@10.0.1
aliases CVE-2020-15174, GHSA-2q4g-w47c-4674
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nm8y-5g5d-quaf
4
url VCID-p3vt-avbt-kyed
vulnerability_id VCID-p3vt-avbt-kyed
summary 
IPC messages delivered to the wrong frame in Electron
IPC messages sent from the main process to a subframe in the renderer process, through `webContents.sendToFrame`, `event.reply` or when using the `remote` module, can in some cases be delivered to the wrong frame.

If your app does ANY of the following, then it is impacted by this issue:
- Uses `remote`
- Calls `webContents.sendToFrame`
- Calls `event.reply` in an IPC message handler
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-26272
reference_id
reference_type
scores
0
value 0.00965
scoring_system epss
scoring_elements 0.76899
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-26272
1
reference_url https://github.com/electron/electron/commit/07a1c2a3e5845901f7e2eda9506695be58edc73c
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/commit/07a1c2a3e5845901f7e2eda9506695be58edc73c
2
reference_url https://github.com/electron/electron/commit/0bbd268eb4caf35604443df5ff196980dd49e208
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/commit/0bbd268eb4caf35604443df5ff196980dd49e208
3
reference_url https://github.com/electron/electron/commit/36c695ce2a7e22c07fe1e30c61c00d20371daee2
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/commit/36c695ce2a7e22c07fe1e30c61c00d20371daee2
4
reference_url https://github.com/electron/electron/commit/429400040ecb16a21d19936658579e65a797e4cc
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/commit/429400040ecb16a21d19936658579e65a797e4cc
5
reference_url https://github.com/electron/electron/commit/5c8e7e8b7f485ceafa8b271086d7b87e1de9dedd
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/commit/5c8e7e8b7f485ceafa8b271086d7b87e1de9dedd
6
reference_url https://github.com/electron/electron/pull/26875
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/pull/26875
7
reference_url https://github.com/electron/electron/releases/tag/v9.4.0
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/releases/tag/v9.4.0
8
reference_url https://www.electronjs.org/releases/stable?version=9#9.4.0
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.electronjs.org/releases/stable?version=9#9.4.0
9
reference_url https://security.archlinux.org/AVG-1503
reference_id AVG-1503
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1503
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-26272
reference_id CVE-2020-26272
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-26272
11
reference_url https://github.com/advisories/GHSA-hvf8-h2qh-37m9
reference_id GHSA-hvf8-h2qh-37m9
reference_type
scores
url https://github.com/advisories/GHSA-hvf8-h2qh-37m9
12
reference_url https://github.com/electron/electron/security/advisories/GHSA-hvf8-h2qh-37m9
reference_id GHSA-hvf8-h2qh-37m9
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/security/advisories/GHSA-hvf8-h2qh-37m9
fixed_packages
0
url pkg:npm/electron@9.4.0
purl pkg:npm/electron@9.4.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@9.4.0
1
url pkg:npm/electron@10.2.0
purl pkg:npm/electron@10.2.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@10.2.0
2
url pkg:npm/electron@11.1.0
purl pkg:npm/electron@11.1.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@11.1.0
aliases CVE-2020-26272, GHSA-hvf8-h2qh-37m9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p3vt-avbt-kyed
5
url VCID-w26e-rdx9-4qet
vulnerability_id VCID-w26e-rdx9-4qet
summary 
Trust Boundary Violation
In Electron, there is a context isolation bypass. Code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Apps using `contextIsolation` are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-4076
reference_id
reference_type
scores
0
value 0.00075
scoring_system epss
scoring_elements 0.22732
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-4076
1
reference_url https://github.com/electron/electron/security/advisories/GHSA-m93v-9qjc-3g79
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/security/advisories/GHSA-m93v-9qjc-3g79
2
reference_url https://www.electronjs.org/releases/stable?page=3#release-notes-for-v824
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.electronjs.org/releases/stable?page=3#release-notes-for-v824
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-4076
reference_id CVE-2020-4076
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-4076
fixed_packages
0
url pkg:npm/electron@8.2.4
purl pkg:npm/electron@8.2.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nm8y-5g5d-quaf
1
vulnerability VCID-p3vt-avbt-kyed
2
vulnerability VCID-xngs-29hg-7kh9
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@8.2.4
1
url pkg:npm/electron@9.0.1
purl pkg:npm/electron@9.0.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-nm8y-5g5d-quaf
1
vulnerability VCID-p3vt-avbt-kyed
2
vulnerability VCID-xngs-29hg-7kh9
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@9.0.1
aliases CVE-2020-4076, GHSA-m93v-9qjc-3g79
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w26e-rdx9-4qet
6
url VCID-xngs-29hg-7kh9
vulnerability_id VCID-xngs-29hg-7kh9
summary 
Exposure of Resource to Wrong Sphere
Electron is vulnerable to a context isolation bypass. Apps using both `contextIsolation` and `sandbox: true` are affected. Apps using both `contextIsolation` and `nodeIntegrationInSubFrames: true` are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-15215
reference_id
reference_type
scores
0
value 0.00282
scoring_system epss
scoring_elements 0.51802
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-15215
1
reference_url https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/security/advisories/GHSA-56pc-6jqp-xqj8
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-15215
reference_id CVE-2020-15215
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-15215
fixed_packages
0
url pkg:npm/electron@8.5.2
purl pkg:npm/electron@8.5.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p3vt-avbt-kyed
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@8.5.2
1
url pkg:npm/electron@9.3.1
purl pkg:npm/electron@9.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p3vt-avbt-kyed
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@9.3.1
2
url pkg:npm/electron@10.1.2
purl pkg:npm/electron@10.1.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-p3vt-avbt-kyed
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@10.1.2
3
url pkg:npm/electron@11.0.0-beta.6
purl pkg:npm/electron@11.0.0-beta.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@11.0.0-beta.6
aliases CVE-2020-15215, GHSA-56pc-6jqp-xqj8
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xngs-29hg-7kh9
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/electron@8.2.3