nuclei-templates/file/electron/electron-version-detect.yaml

id: electron-version-detect

info:
  name: Google Chromium/Electron - Remote Code Execution
  author: me9187
  severity: info
  description: Google Chromium contains a remote code execution vulnerability which affects all recent versions of Electron. Any Electron app that accesses remote content is vulnerable to this exploit, regardless of whether the sandbox option is enabled. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.
  remediation: Update to Electron 1.7.8 or 1.6.14, both of which include a fix for this vulnerability.
  reference:
    - https://www.electronjs.org/blog/chromium-rce-vulnerability/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
  tags: electron,file

file:
  - extensions:
      - json

    extractors:
      - type: regex
        regex:
          - '"electronVersion":"[^"]*"'

# Enhanced by md on 2023/05/03
fixed invalid template syntax 2021-10-30 11:17:35 +00:00			`id: electron-version-detect`
Create electron-version-detect.yaml Detects electron version from package.json files 2021-10-10 19:49:54 +00:00
			`info:`
Enhancement: file/electron/electron-version-detect.yaml by md 2023-05-03 21:07:32 +00:00			`name: Google Chromium/Electron - Remote Code Execution`
Create electron-version-detect.yaml Detects electron version from package.json files 2021-10-10 19:49:54 +00:00			`author: me9187`
			`severity: info`
Enhancement: file/electron/electron-version-detect.yaml by md 2023-05-03 21:07:32 +00:00			`description: Google Chromium contains a remote code execution vulnerability which affects all recent versions of Electron. Any Electron app that accesses remote content is vulnerable to this exploit, regardless of whether the sandbox option is enabled. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.`
			`remediation: Update to Electron 1.7.8 or 1.6.14, both of which include a fix for this vulnerability.`
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes 2022-04-22 10:38:41 +00:00			`reference:`
			`- https://www.electronjs.org/blog/chromium-rce-vulnerability/`
Enhancement: file/electron/electron-version-detect.yaml by md 2023-05-03 21:07:57 +00:00			`classification:`
			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N`
			`cvss-score: 0.0`
			`cwe-id: CWE-200`
Create electron-version-detect.yaml Detects electron version from package.json files 2021-10-10 19:49:54 +00:00			`tags: electron,file`

			`file:`
			`- extensions:`
			`- json`

			`extractors:`
Update electron-version-detect.yaml fucking yaml 2021-10-10 19:59:22 +00:00			`- type: regex`
			`regex:`
			`- '"electronVersion":"[^"]*"'`
Enhancement: file/electron/electron-version-detect.yaml by md 2023-05-03 21:07:32 +00:00
			`# Enhanced by md on 2023/05/03`