VYPR

Camunda Modeler

by Camunda

CVEs (1)

  • CVE-2021-28154Mar 11, 2021
    risk 0.00cvss epss 0.01

    Camunda Modeler (aka camunda-modeler) through 4.6.0 allows arbitrary file access. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which manipulates the readFile and writeFile APIs. NOTE: the vendor states "The way we secured…