Описание
ClickUp Desktop before 3.3.77 on macOS and Windows allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode.
Ссылки
- Vendor Advisory
- Not Applicable
- Not Applicable
- Not Applicable
- Vendor Advisory
- Not Applicable
- Not Applicable
- Not Applicable
Уязвимые конфигурации
Конфигурация 1Версия до 3.3.77 (исключая)
Одновременно
cpe:2.3:a:clickup:clickup:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.0167
Низкий
8.8 High
CVSS3
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 8.8
github
почти 2 года назад
ClickUp Desktop before 3.3.77 on macOS and Windows allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode.
EPSS
Процентиль: 82%
0.0167
Низкий
8.8 High
CVSS3
Дефекты
CWE-94