CefSharp.Wpf

NuGet5 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting CefSharp.Wpfpage 1 of 1

CVE-2020-15999CRITICALCVSS 9.6EG 9.6⚠ KEV✓ Fixed in 85.3.130
2020-11-03
vulnerable: 1.25.2-perlun0 ... 85.3.121-pre (92 versions)
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16009HIGHCVSS 8.8EG 8.8⚠ KEV✓ Fixed in 86.0.241
2020-11-03
vulnerable: 1.25.2-perlun0 ... 86.0.240-pre (94 versions)
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16013HIGHCVSS 8.8EG 9.0⚠ KEV✓ Fixed in 86.0.241
2021-01-08
vulnerable: 1.25.2-perlun0 ... 86.0.240-pre (94 versions)
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16017CRITICALCVSS 9.6EG 9.6⚠ KEV✓ Fixed in 86.0.241
2021-01-08
vulnerable: 1.25.2-perlun0 ... 86.0.240-pre (94 versions)
Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2022-0609HIGHCVSS 8.8EG 8.8⚠ KEV✓ Fixed in 98.1.210
2022-04-05
vulnerable: 1.25.2-perlun0 ... 98.1.190 (133 versions)
Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Check whether CefSharp.Wpf is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for CefSharp.Wpf CVEs against the assets you own.

Start Free Scan →