ГлавнаяУязвимости → CVE-2024-23739
9.8критическая

CVE-2024-23739

Описание

An issue in Discord for macOS version 0.0.291 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings.

Затрагиваемое ПО
Discord DiscordApple Macos
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/V3x0r/CVE-2024-23739https://www.electronjs.org/blog/statement-run-as-node-cveshttps://github.com/V3x0r/CVE-2024-23739https://www.electronjs.org/blog/statement-run-as-node-cves