Electrum 1.7.3

CPE Details

Electrum 1.7.3
electrum
electrum
1.7.3
2019-10-09
16h10 +00:00
2019-10-09
16h10 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:electrum:electrum:1.7.3:*:*:*:*:*:*:*

Informations

Vendor

electrum

Product

electrum

Version

1.7.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-31246 2022-06-17 11h39 +00:00 paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request (e.g., within QR code data). On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename.
5.5
Medium
CVE-2018-6353 2018-01-27 15h00 +00:00 The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 supports arbitrary Python code without considering (1) social-engineering attacks in which a user pastes code that they do not understand and (2) code pasted by a physically proximate attacker at an unattended workstation, which makes it easier for attackers to steal Bitcoin via hook code that runs at a later time when the wallet password has been entered, a different vulnerability than CVE-2018-1000022.
7.8
High