Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 15 SP3 package nodejs-electron, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (18)
CVE-2021-37981 — CVSS 9.6 (critical): Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to…
CVE-2021-38002 — CVSS 9.6 (critical): Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape…
CVE-2021-30628 — CVSS 8.8 (high): Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit stack corruption via…
CVE-2021-30626 — CVSS 8.8 (high): Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap…
CVE-2021-30627 — CVSS 8.8 (high): Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2021-37992 — CVSS 8.8 (high): Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2021-37998 — CVSS 8.8 (high): Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap…
CVE-2021-38001 — CVSS 8.8 (high): Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted…
CVE-2021-30625 — CVSS 8.8 (high): Use after free in Selection API in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who convinced the user the visit a…
CVE-2021-37984 — CVSS 8.8 (high): Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2021-37987 — CVSS 8.8 (high): Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via…
CVE-2021-37989 — CVSS 6.5 (medium): Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via…
CVE-2021-37996 — CVSS 5.5 (medium): Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation…
CVE-2021-30630 — CVSS 4.3 (medium): Inappropriate implementation in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker who had compromised the renderer…
CVE-2021-30631: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation…