NVD

Vulnerability Change Records for CVE-2018-1000136

Change History

Modified Analysis by NIST 5/01/2019 9:51:24 AM

Action

Type

Old Value

New Value

Changed

CPE Configuration

OR
     *cpe:2.3:a:electronjs:electron:*:*:*:*:*:*:*:* versions from (including) 1.7.0 up to (including) 1.7.12
     *cpe:2.3:a:electronjs:electron:*:*:*:*:*:*:*:* versions from (excluding) 1.8.0 up to (including) 1.8.3
     *cpe:2.3:a:electronjs:electron:2.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:electronjs:electron:2.0.0:beta1:*:*:*:*:*:*
     *cpe:2.3:a:electronjs:electron:2.0.0:beta2:*:*:*:*:*:*
     *cpe:2.3:a:electronjs:electron:2.0.0:beta3:*:*:*:*:*:*

OR
     *cpe:2.3:a:electronjs:electron:*:*:*:*:*:*:*:* versions from (including) 1.7.0 up to (including) 1.7.12
     *cpe:2.3:a:electronjs:electron:*:*:*:*:*:*:*:* versions from (excluding) 1.8.0 up to (including) 1.8.3
     *cpe:2.3:a:electronjs:electron:2.0.0:*:*:*:*:*:*:*
     *cpe:2.3:a:electronjs:electron:2.0.0:beta1:*:*:*:*:*:*
     *cpe:2.3:a:electronjs:electron:2.0.0:beta2:*:*:*:*:*:*
     *cpe:2.3:a:electronjs:electron:2.0.0:beta3:*:*:*:*:*:*
     *cpe:2.3:a:electronjs:electron:2.0.0:beta4:*:*:*:*:*:*

Changed

Reference Type

https://www.electronjs.org/blog/webview-fix Mitigation, Vendor Advisory

https://www.electronjs.org/blog/webview-fix Mitigation, Patch, Vendor Advisory

Changed

Reference Type

https://www.trustwave.com/Resources/SpiderLabs-Blog/CVE-2018-1000136---Electron-nodeIntegration-Bypass/ No Types Assigned

https://www.trustwave.com/Resources/SpiderLabs-Blog/CVE-2018-1000136---Electron-nodeIntegration-Bypass/ Exploit, Third Party Advisory

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

Vulnerability Change Records for CVE-2018-1000136

Change History

Modified Analysis by NIST 5/01/2019 9:51:24 AM