VYPR

Electrum

by Electrum

CVEs (1)

  • CVE-2022-31246MedJun 17, 2022
    risk 0.36cvss 5.5epss 0.01

    paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request (e.g., within QR code data). On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero…