ГлавнаяУязвимости → CVE-2024-25249
9.8критическая

CVE-2024-25249

Описание

An issue in He3 App for macOS version 2.0.17, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings.

Затрагиваемое ПО
He3app He3 app
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/intbjwhttps://github.com/intbjw/CVE-2024-25249https://www.electronjs.org/blog/statement-run-as-node-cveshttps://github.com/intbjwhttps://github.com/intbjw/CVE-2024-25249https://www.electronjs.org/blog/statement-run-as-node-cves