CVE-2020-26272: IPC messages delivered to the wrong frame in Electron
(updated )
IPC messages sent from the main process to a subframe in the renderer process, through webContents.sendToFrame
, event.reply
or when using the remote
module, can in some cases be delivered to the wrong frame.
If your app does ANY of the following, then it is impacted by this issue:
- Uses
remote
- Calls
webContents.sendToFrame
- Calls
event.reply
in an IPC message handler
References
- github.com/advisories/GHSA-hvf8-h2qh-37m9
- github.com/electron/electron/commit/07a1c2a3e5845901f7e2eda9506695be58edc73c
- github.com/electron/electron/commit/0bbd268eb4caf35604443df5ff196980dd49e208
- github.com/electron/electron/commit/36c695ce2a7e22c07fe1e30c61c00d20371daee2
- github.com/electron/electron/commit/429400040ecb16a21d19936658579e65a797e4cc
- github.com/electron/electron/commit/5c8e7e8b7f485ceafa8b271086d7b87e1de9dedd
- github.com/electron/electron/pull/26875
- github.com/electron/electron/releases/tag/v9.4.0
- github.com/electron/electron/security/advisories/GHSA-hvf8-h2qh-37m9
- nvd.nist.gov/vuln/detail/CVE-2020-26272
- www.electronjs.org/releases/stable?version=9
Code Behaviors & Features
Detect and mitigate CVE-2020-26272 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →