Electrum 1.5.5

CPE Details

Electrum 1.5.5
electrum
electrum
1.5.5
2019-10-09
16h10 +00:00
2019-10-09
16h10 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:electrum:electrum:1.5.5:*:*:*:*:*:*:*

Informations

Vendor

electrum

Product

electrum

Version

1.5.5

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-31246 2022-06-17 11h39 +00:00 paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment request (e.g., within QR code data). On Windows, this can lead to capture of credentials over SMB. On Linux and UNIX, it can lead to a denial of service by specifying the /dev/zero filename.
5.5
Moyen
CVE-2018-6353 2018-01-27 15h00 +00:00 The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 supports arbitrary Python code without considering (1) social-engineering attacks in which a user pastes code that they do not understand and (2) code pasted by a physically proximate attacker at an unattended workstation, which makes it easier for attackers to steal Bitcoin via hook code that runs at a later time when the wallet password has been entered, a different vulnerability than CVE-2018-1000022.
7.8
Haute