定价企业版

CVE-2023-31874

8.8HIGH

Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire('child_process').

发布于: 5/29/2023更新于: 1/14/2025

在NVD查看在MITRE查看

描述

Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire('child_process').

AI分析AI驱动

受影响产品

yank-noteyank_note

3.52.1

可用漏洞利用 (1)

Yank Note v3.52.1 (Electron) - Arbitrary Code Execution

8bitsec5/23/2023

参考资料

http://packetstormsecurity.com/files/172535/Yank-Note-3.52.1-Arbitrary-Code-Execution.html
Third Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/172535/Yank-Note-3.52.1-Arbitrary-Code-Execution.html
Third Party AdvisoryVDB Entry