CVE-2022-36450 Blast Radius

HIGH • CVSS 8Obsidian 0.14.x and 0.15.x before 0.15.5 allows obsidian://hook-get-address remote code execution because window.open is used without checking the URL

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2022-36450.

Start Free Scan →← Back to CVE-2022-36450