Pricing Enterprise

CVE-2023-31874

8.8HIGH

Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire('child_process').

Published: 5/29/2023Updated: 1/14/2025

View on NVD View on MITRE

Description

Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire('child_process').

AI AnalysisPowered by AI

Affected Products

yank-noteyank_note

3.52.1

Available Exploits (1)

Yank Note v3.52.1 (Electron) - Arbitrary Code Execution

8bitsec5/23/2023

References

http://packetstormsecurity.com/files/172535/Yank-Note-3.52.1-Arbitrary-Code-Execution.html
Third Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/172535/Yank-Note-3.52.1-Arbitrary-Code-Execution.html
Third Party AdvisoryVDB Entry