CVE-2023-7245 | OpenVPN Connect Node.js Framework ELECTRON_RUN_AS_NODE neutralization of directives

Inserito da Angelo Barbosa | Feb 20, 2024 | CVE

A vulnerability has been found in OpenVPN Connect and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Node.js Framework. The manipulation of the argument ELECTRON_RUN_AS_NODE leads to improper neutralization of directives in dynamically evaluated code (‘eval injection’).

This vulnerability is known as CVE-2023-7245. Attacking locally is a requirement. There is no exploit available.

CVE-2023-7245 | OpenVPN Connect Node.js Framework ELECTRON_RUN_AS_NODE neutralization of directives

Post correlati

CVE-2024-42625 | FrogCMS 0.9.5 /admin/ cross-site request forgery

CVE-2024-27847 | Apple iOS/iPadOS up to 17.4 App access control (HT214101)

CVE-2024-34221 | SourceCodester Human Resource Management System 1.0 permission

CVE-2023-22576 | Dell Repository Manager up to 3.4.2 Installation Module privileges management (dsa-2023-017)