Vulnerability-Lookup

CVE-2022-29257 (GCVE-0-2022-29257)

Vulnerability from cvelistv5 – Published: 2022-06-13 21:25 – Updated: 2025-04-23 18:16

Title

Electron's AutoUpdater module fails to validate certain nested components of the bundle

Summary

Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components. This kind of attack would require significant privileges in a potential victim's own auto updating infrastructure and the ease of that attack entirely depends on the potential victim's infrastructure security. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. There are no known workarounds.

Severity ?

6.6 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-20 - Improper Input Validation

Assigner

GitHub_M

References

URL

Tags

https://github.com/electron/electron/security/adv…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	electron	electron	Affected: < 15.5.5 Affected: >= 16.0.0-beta.1, < 16.2.6 Affected: >= 17.0.0-beta.1, < 17.2.0 Affected: >= 18.0.0-beta.1, <= 18.0.0-beta.5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T06:17:54.538Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-29257",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T15:52:31.484526Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T18:16:23.820Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "electron",
          "vendor": "electron",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 15.5.5"
            },
            {
              "status": "affected",
              "version": "\u003e= 16.0.0-beta.1, \u003c 16.2.6"
            },
            {
              "status": "affected",
              "version": "\u003e= 17.0.0-beta.1, \u003c 17.2.0"
            },
            {
              "status": "affected",
              "version": "\u003e= 18.0.0-beta.1, \u003c= 18.0.0-beta.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components. This kind of attack would require significant privileges in a potential victim\u0027s own auto updating infrastructure and the ease of that attack entirely depends on the potential victim\u0027s infrastructure security. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. There are no known workarounds."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-13T21:25:09.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97"
        }
      ],
      "source": {
        "advisory": "GHSA-77xc-hjv8-ww97",
        "discovery": "UNKNOWN"
      },
      "title": "Electron\u0027s AutoUpdater module fails to validate certain nested components of the bundle",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2022-29257",
          "STATE": "PUBLIC",
          "TITLE": "Electron\u0027s AutoUpdater module fails to validate certain nested components of the bundle"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "electron",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 15.5.5"
                          },
                          {
                            "version_value": "\u003e= 16.0.0-beta.1, \u003c 16.2.6"
                          },
                          {
                            "version_value": "\u003e= 17.0.0-beta.1, \u003c 17.2.0"
                          },
                          {
                            "version_value": "\u003e= 18.0.0-beta.1, \u003c= 18.0.0-beta.5"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "electron"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components. This kind of attack would require significant privileges in a potential victim\u0027s own auto updating infrastructure and the ease of that attack entirely depends on the potential victim\u0027s infrastructure security. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. There are no known workarounds."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20: Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97",
              "refsource": "CONFIRM",
              "url": "https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-77xc-hjv8-ww97",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2022-29257",
    "datePublished": "2022-06-13T21:25:10.000Z",
    "dateReserved": "2022-04-13T00:00:00.000Z",
    "dateUpdated": "2025-04-23T18:16:23.820Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T06:17:54.538Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-29257\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-23T15:52:31.484526Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-23T15:52:32.905Z\"}}], \"cna\": {\"title\": \"Electron\u0027s AutoUpdater module fails to validate certain nested components of the bundle\", \"source\": {\"advisory\": \"GHSA-77xc-hjv8-ww97\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.6, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"electron\", \"product\": \"electron\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 15.5.5\"}, {\"status\": \"affected\", \"version\": \"\u003e= 16.0.0-beta.1, \u003c 16.2.6\"}, {\"status\": \"affected\", \"version\": \"\u003e= 17.0.0-beta.1, \u003c 17.2.0\"}, {\"status\": \"affected\", \"version\": \"\u003e= 18.0.0-beta.1, \u003c= 18.0.0-beta.5\"}]}], \"references\": [{\"url\": \"https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components. This kind of attack would require significant privileges in a potential victim\u0027s own auto updating infrastructure and the ease of that attack entirely depends on the potential victim\u0027s infrastructure security. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. There are no known workarounds.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-20\", \"description\": \"CWE-20: Improper Input Validation\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2022-06-13T21:25:09.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.6, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}}, \"source\": {\"advisory\": \"GHSA-77xc-hjv8-ww97\", \"discovery\": \"UNKNOWN\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"\u003c 15.5.5\"}, {\"version_value\": \"\u003e= 16.0.0-beta.1, \u003c 16.2.6\"}, {\"version_value\": \"\u003e= 17.0.0-beta.1, \u003c 17.2.0\"}, {\"version_value\": \"\u003e= 18.0.0-beta.1, \u003c= 18.0.0-beta.5\"}]}, \"product_name\": \"electron\"}]}, \"vendor_name\": \"electron\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97\", \"name\": \"https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components. This kind of attack would require significant privileges in a potential victim\u0027s own auto updating infrastructure and the ease of that attack entirely depends on the potential victim\u0027s infrastructure security. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. There are no known workarounds.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-20: Improper Input Validation\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-29257\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Electron\u0027s AutoUpdater module fails to validate certain nested components of the bundle\", \"ASSIGNER\": \"security-advisories@github.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-29257\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-23T18:16:23.820Z\", \"dateReserved\": \"2022-04-13T00:00:00.000Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2022-06-13T21:25:10.000Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2022-29257

Vulnerability from fkie_nvd - Published: 2022-06-13 22:15 - Updated: 2024-11-21 06:58

Severity ?

6.6 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97	Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97	Third Party Advisory

Impacted products

Vendor	Product	Version
electronjs	electron	*
electronjs	electron	*
electronjs	electron	*
electronjs	electron	16.0.0
electronjs	electron	16.0.0
electronjs	electron	16.0.0
electronjs	electron	16.0.0
electronjs	electron	16.0.0
electronjs	electron	16.0.0
electronjs	electron	16.0.0
electronjs	electron	16.0.0
electronjs	electron	16.0.0
electronjs	electron	17.0.0
electronjs	electron	17.0.0
electronjs	electron	17.0.0
electronjs	electron	17.0.0
electronjs	electron	17.0.0
electronjs	electron	17.0.0
electronjs	electron	17.0.0
electronjs	electron	17.0.0
electronjs	electron	17.0.0
electronjs	electron	18.0.0
electronjs	electron	18.0.0
electronjs	electron	18.0.0
electronjs	electron	18.0.0
electronjs	electron	18.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:electronjs:electron:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B8B47CB-180C-4491-89D5-7682B45C06FF",
              "versionEndExcluding": "15.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "41B9A5F4-98BD-4C71-8971-7A2ED187B155",
              "versionEndExcluding": "16.2.0",
              "versionStartIncluding": "16.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B4978EA-362E-46C8-A56B-4F4B47237C05",
              "versionEndExcluding": "17.2.0",
              "versionStartIncluding": "17.0.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:16.0.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "DCBD6783-12BE-4D63-B403-188943FB4F02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:16.0.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "989D1505-66D5-4855-A8FA-58F9566FF7FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:16.0.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "E6C15DE2-CA55-4A42-8D64-C44068B24B93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:16.0.0:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "2A4E764B-39E3-4C93-8F7F-1ACFA66FA51B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:16.0.0:beta5:*:*:*:*:*:*",
              "matchCriteriaId": "B67FFDE1-21D0-412E-95FB-D86A350EC9A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:16.0.0:beta6:*:*:*:*:*:*",
              "matchCriteriaId": "04F71865-1B3E-4882-B316-87AEAEB84A9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:16.0.0:beta7:*:*:*:*:*:*",
              "matchCriteriaId": "CF914799-7DA1-4B93-9445-1DFCD72D6A6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:16.0.0:beta8:*:*:*:*:*:*",
              "matchCriteriaId": "3DE7DE50-D9B1-48D9-A8F8-2DF34B80BC6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:16.0.0:beta9:*:*:*:*:*:*",
              "matchCriteriaId": "2E8C22CB-3247-47F9-8E54-F694437090ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:17.0.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "2C8C94BE-5D08-4563-AF15-5FC06BB679AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:17.0.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "987FAB5C-E1EC-4831-9AA0-FAD35A376584",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:17.0.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "FAF77E7D-D445-480D-BEBF-A071B58475C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:17.0.0:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "570418D1-09E9-4A39-8F19-D4ABC1788983",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:17.0.0:beta5:*:*:*:*:*:*",
              "matchCriteriaId": "4D0F4031-84D6-4E8D-AED5-D8C1E5ED3CCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:17.0.0:beta6:*:*:*:*:*:*",
              "matchCriteriaId": "F2B316FE-6214-46FA-88FF-F684DD3D53C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:17.0.0:beta7:*:*:*:*:*:*",
              "matchCriteriaId": "D8FA77A9-A4AF-404A-B144-97A3CE679444",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:17.0.0:beta8:*:*:*:*:*:*",
              "matchCriteriaId": "6A9DB6A0-6C09-44F9-A76B-7600E9B44CDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:17.0.0:beta9:*:*:*:*:*:*",
              "matchCriteriaId": "470F4DB3-4AB0-402F-A18C-22A430993F3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:18.0.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "11BEDA0E-71FE-4D37-B06F-FA4B281CD970",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:18.0.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "05B3D931-5802-471E-AE40-9282CC03E4A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:18.0.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "56721A2E-45B2-4D19-B25D-DD8628185B97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:18.0.0:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "577CBB14-4AEF-4CF2-B203-88055A68810D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:electronjs:electron:18.0.0:beta5:*:*:*:*:*:*",
              "matchCriteriaId": "16A23DCC-2355-4431-A452-40BC95D3164E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components. This kind of attack would require significant privileges in a potential victim\u0027s own auto updating infrastructure and the ease of that attack entirely depends on the potential victim\u0027s infrastructure security. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. There are no known workarounds."
    },
    {
      "lang": "es",
      "value": "Electron es un marco de trabajo para escribir aplicaciones de escritorio multiplataforma utilizando JavaScript (JS), HTML y CSS. Una vulnerabilidad en versiones anteriores a 18.0.0-beta.6, 17.2.0, 16.2.6 y 15.5.5, permite a atacantes que presentan el control de un determinado servidor de actualizaci\u00f3n de aplicaciones / almacenamiento de actualizaciones servir paquetes de actualizaci\u00f3n maliciosamente dise\u00f1ados que pasan la comprobaci\u00f3n de comprobaci\u00f3n de la firma de c\u00f3digo pero que contienen c\u00f3digo malicioso en algunos componentes. Este tipo de ataque requerir\u00eda privilegios significativos en la propia infraestructura de actualizaci\u00f3n autom\u00e1tica de una v\u00edctima potencial y la facilidad de ese ataque depende totalmente de la seguridad de la infraestructura de la v\u00edctima potencial. Electron versiones 18.0.0-beta.6, 17.2.0, 16.2.6 y 15.5.5 contienen una correcci\u00f3n para este problema. No se presentan mitigaciones conocidas"
    }
  ],
  "id": "CVE-2022-29257",
  "lastModified": "2024-11-21T06:58:49.333",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.7,
        "impactScore": 5.9,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-06-13T22:15:08.080",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2022-29257

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-29257

Aliases

CVE-2022-29257

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-29257",
    "description": "Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components. This kind of attack would require significant privileges in a potential victim\u0027s own auto updating infrastructure and the ease of that attack entirely depends on the potential victim\u0027s infrastructure security. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. There are no known workarounds.",
    "id": "GSD-2022-29257"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-29257"
      ],
      "details": "Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components. This kind of attack would require significant privileges in a potential victim\u0027s own auto updating infrastructure and the ease of that attack entirely depends on the potential victim\u0027s infrastructure security. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. There are no known workarounds.",
      "id": "GSD-2022-29257",
      "modified": "2023-12-13T01:19:42.060691Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2022-29257",
        "STATE": "PUBLIC",
        "TITLE": "Electron\u0027s AutoUpdater module fails to validate certain nested components of the bundle"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "electron",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "\u003c 15.5.5"
                        },
                        {
                          "version_value": "\u003e= 16.0.0-beta.1, \u003c 16.2.6"
                        },
                        {
                          "version_value": "\u003e= 17.0.0-beta.1, \u003c 17.2.0"
                        },
                        {
                          "version_value": "\u003e= 18.0.0-beta.1, \u003c= 18.0.0-beta.5"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "electron"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components. This kind of attack would require significant privileges in a potential victim\u0027s own auto updating infrastructure and the ease of that attack entirely depends on the potential victim\u0027s infrastructure security. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. There are no known workarounds."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-20: Improper Input Validation"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97",
            "refsource": "CONFIRM",
            "url": "https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-77xc-hjv8-ww97",
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c15.5.0||\u003e=16.0.0 \u003c16.2.0||\u003e=17.0.0 \u003c17.2.0||\u003e=18.0.0-beta.1 \u003c=18.0.0-beta.5",
          "affected_versions": "All versions before 15.5.0, all versions starting from 16.0.0 before 16.2.0, all versions starting from 17.0.0 before 17.2.0, all versions starting from 18.0.0-beta.1 up to 18.0.0-beta.5",
          "cvss_v2": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-937"
          ],
          "date": "2022-06-27",
          "description": "Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components. This kind of attack would require significant privileges in a potential victim\u0027s own auto updating infrastructure and the ease of that attack entirely depends on the potential victim\u0027s infrastructure security. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. There are no known workarounds.",
          "fixed_versions": [
            "15.5.0",
            "16.2.0",
            "17.2.0",
            "18.0.0"
          ],
          "identifier": "CVE-2022-29257",
          "identifiers": [
            "CVE-2022-29257",
            "GHSA-77xc-hjv8-ww97"
          ],
          "not_impacted": "All versions starting from 15.5.0 before 16.0.0, all versions starting from 16.2.0 before 17.0.0, all versions starting from 17.2.0 before 18.0.0-beta.1, all versions after 18.0.0-beta.5",
          "package_slug": "npm/electron",
          "pubdate": "2022-06-13",
          "solution": "Upgrade to versions 15.5.0, 16.2.0, 17.2.0, 18.0.0 or above.",
          "title": "Improper Input Validation",
          "urls": [
            "https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97",
            "https://nvd.nist.gov/vuln/detail/CVE-2022-29257",
            "https://github.com/advisories/GHSA-77xc-hjv8-ww97"
          ],
          "uuid": "947fe1af-43a2-4e2f-87d3-c7878af9fea8"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:18.0.0:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:18.0.0:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:18.0.0:beta3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:18.0.0:beta4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:18.0.0:beta5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:17.0.0:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:17.0.0:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:17.0.0:beta3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:17.0.0:beta4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "15.5.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:16.0.0:beta1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:16.0.0:beta2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:16.0.0:beta3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:16.0.0:beta4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:16.0.0:beta5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:16.0.0:beta6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:16.0.0:beta7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:16.0.0:beta8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:16.0.0:beta9:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "16.2.0",
                "versionStartIncluding": "16.0.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:17.0.0:beta5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:17.0.0:beta6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:17.0.0:beta7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:17.0.0:beta8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:17.0.0:beta9:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:electronjs:electron:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "17.2.0",
                "versionStartIncluding": "17.0.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2022-29257"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions prior to 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components. This kind of attack would require significant privileges in a potential victim\u0027s own auto updating infrastructure and the ease of that attack entirely depends on the potential victim\u0027s infrastructure security. Electron versions 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 contain a fix for this issue. There are no known workarounds."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.2,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-06-27T17:07Z",
      "publishedDate": "2022-06-13T22:15Z"
    }
  }
}

GHSA-77XC-HJV8-WW97

Vulnerability from github – Published: 2022-06-16 23:18 – Updated: 2022-06-29 21:48

Summary

AutoUpdater module fails to validate certain nested components of the bundle

Details

Impact

This vulnerability allows attackers who have control over a given apps update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components.

Please note that this kind of attack would require significant privileges in your own auto updating infrastructure and the ease of that attack entirely depends on your infrastructure security.

Patches

This has been patched and the following Electron versions contain the fix:

18.0.0-beta.6
17.2.0
16.2.0
15.5.0

Workarounds

There are no workarounds for this issue, please update to a patched version of Electron.

For more information

If you have any questions or comments about this advisory, email us at security@electronjs.org

Severity ?

6.6 (Medium)


                  
                    CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "electron"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "15.5.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "electron"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "16.0.0"
            },
            {
              "fixed": "16.2.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "npm",
        "name": "electron"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "17.0.0"
            },
            {
              "fixed": "17.2.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 18.0.0-beta.5"
      },
      "package": {
        "ecosystem": "npm",
        "name": "electron"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "18.0.0-beta.1"
            },
            {
              "fixed": "18.0.0-beta.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-29257"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-06-16T23:18:47Z",
    "nvd_published_at": "2022-06-13T22:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nThis vulnerability allows attackers who have control over a given apps update server / update storage to serve maliciously crafted update packages that pass the code signing validation check but contain malicious code in some components.\n\nPlease note that this kind of attack would require **significant** privileges in your own auto updating infrastructure and the ease of that attack entirely depends on your infrastructure security.\n\n### Patches\nThis has been patched and the following Electron versions contain the fix:\n\n* `18.0.0-beta.6`\n* `17.2.0`\n* `16.2.0`\n* `15.5.0`\n\n### Workarounds\nThere are no workarounds for this issue, please update to a patched version of Electron.\n\n### For more information\nIf you have any questions or comments about this advisory, email us at [security@electronjs.org](mailto:security@electronjs.org)",
  "id": "GHSA-77xc-hjv8-ww97",
  "modified": "2022-06-29T21:48:38Z",
  "published": "2022-06-16T23:18:47Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/electron/electron/security/advisories/GHSA-77xc-hjv8-ww97"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29257"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/electron/electron"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "AutoUpdater module fails to validate certain nested components of the bundle"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-29257 (GCVE-0-2022-29257)

FKIE_CVE-2022-29257

GSD-2022-29257

GHSA-77XC-HJV8-WW97

Impact

Patches

Workarounds

For more information

Tags

Sightings

Nomenclature