CefSharp.Wpf.HwndHost

NuGet5 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting CefSharp.Wpf.HwndHostpage 1 of 1

CVE-2020-15999CRITICALCVSS 9.6EG 9.6⚠ KEV✓ Fixed in 85.3.130
2020-11-03
vulnerable: 83.4.20-pre, 84.4.10, 85.3.121
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16009HIGHCVSS 8.8EG 9.0⚠ KEV✓ Fixed in 86.0.241
2020-11-03
vulnerable: 83.4.20-pre, 84.4.10, 85.3.121, 85.3.130
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16013HIGHCVSS 8.8EG 9.0⚠ KEV✓ Fixed in 86.0.241
2021-01-08
vulnerable: 83.4.20-pre, 84.4.10, 85.3.121, 85.3.130
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16017CRITICALCVSS 9.6EG 9.6⚠ KEV✓ Fixed in 86.0.241
2021-01-08
vulnerable: 83.4.20-pre, 84.4.10, 85.3.121, 85.3.130
Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2022-0609HIGHCVSS 8.8EG 9.0⚠ KEV✓ Fixed in 98.1.210
2022-04-05
vulnerable: 83.4.20-pre ... 97.1.61 (22 versions)
Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Check whether CefSharp.Wpf.HwndHost is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for CefSharp.Wpf.HwndHost CVEs against the assets you own.

Start Free Scan →