Skip to main content

Data Processing Errors

CVE-2017-1000424

Severity Medium
Score 4.3/10

Summary

Github Electron version 1.6.4 - 1.6.11 and 1.7.0 - 1.7.5 is vulnerable to a URL Spoofing problem when opening PDFs in PDFium resulting loading arbitrary PDFs that a hacker can control.

  • LOW
  • NETWORK
  • LOW
  • UNCHANGED
  • REQUIRED
  • NONE
  • NONE
  • NONE

CWE-19 - Data Processing Errors

Weaknesses in this category are typically found in functionality that processes data. Data processing is the manipulation of input to retrieve or save information.

Advisory Timeline

  • Published