Precios Enterprise

CVE-2023-31874

8.8HIGH

Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire('child_process').

Publicado: 5/29/2023Actualizado: 1/14/2025

Ver en NVD Ver en MITRE

Descripción

Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire('child_process').

Análisis IAImpulsado por IA

Productos Afectados

yank-noteyank_note

3.52.1

Exploits Disponibles (1)

Yank Note v3.52.1 (Electron) - Arbitrary Code Execution

8bitsec5/23/2023

Referencias

http://packetstormsecurity.com/files/172535/Yank-Note-3.52.1-Arbitrary-Code-Execution.html
Third Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/172535/Yank-Note-3.52.1-Arbitrary-Code-Execution.html
Third Party AdvisoryVDB Entry