Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/electron@17.0.1
Typenpm
Namespace
Nameelectron
Version17.0.1
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version17.2.0
Latest_non_vulnerable_version42.0.0-alpha.5
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-r9kq-n5sk-zqba
vulnerability_id VCID-r9kq-n5sk-zqba
summary 
Exposure of Resource to Wrong Sphere
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` allows renderers to obtain access to a bluetooth device via the web bluetooth API if the app has not configured a custom `select-bluetooth-device` event handler. This has been patched and Electron versions `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` contain the fix. Code from the GitHub Security Advisory can be added to the app to work around the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-21718
reference_id
reference_type
scores
0
value 0.00848
scoring_system epss
scoring_elements 0.75217
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-21718
1
reference_url https://github.com/electron/electron
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron
2
reference_url https://github.com/electron/electron/pull/32178
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/pull/32178
3
reference_url https://github.com/electron/electron/pull/32240
reference_id
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/pull/32240
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-21718
reference_id CVE-2022-21718
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-21718
5
reference_url https://github.com/advisories/GHSA-3p22-ghq8-v749
reference_id GHSA-3p22-ghq8-v749
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3p22-ghq8-v749
6
reference_url https://github.com/electron/electron/security/advisories/GHSA-3p22-ghq8-v749
reference_id GHSA-3p22-ghq8-v749
reference_type
scores
0
value 3.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/electron/electron/security/advisories/GHSA-3p22-ghq8-v749
fixed_packages
0
url pkg:npm/electron@13.6.6
purl pkg:npm/electron@13.6.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@13.6.6
1
url pkg:npm/electron@14.2.4
purl pkg:npm/electron@14.2.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@14.2.4
2
url pkg:npm/electron@15.3.5
purl pkg:npm/electron@15.3.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@15.3.5
3
url pkg:npm/electron@16.0.6
purl pkg:npm/electron@16.0.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@16.0.6
4
url pkg:npm/electron@17.0.0-alpha.6
purl pkg:npm/electron@17.0.0-alpha.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@17.0.0-alpha.6
5
url pkg:npm/electron@17.0.1
purl pkg:npm/electron@17.0.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/electron@17.0.1
aliases CVE-2022-21718, GHSA-3p22-ghq8-v749
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r9kq-n5sk-zqba
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/electron@17.0.1