exploitDog

GHSA-w7qj-9r4p-2jh6

Опубликовано: 24 мар. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

ClickUp Desktop before 3.3.77 on macOS and Windows allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode.

ClickUp Desktop before 3.3.77 on macOS and Windows allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode.

Ссылки

EPSS

Процентиль: 82%

0.0167

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2024-23755

CVSS3: 8.8

nvd

почти 2 года назад

ClickUp Desktop before 3.3.77 on macOS and Windows allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode.

EPSS

Процентиль: 82%

0.0167

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-94