CVE Vulnerabilities

CVE-2024-23743

Published: Jan 28, 2024 | Modified: May 17, 2024
CVSS 3.x
3.3
LOW
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Notion through 3.1.0 on macOS might allow code execution because of RunAsNode and enableNodeClilnspectArguments. NOTE: the vendor states the attacker must launch the Notion Desktop application with nonstandard flags that turn the Electron-based application into a Node.js execution environment.

Affected Software

Name Vendor Start Version End Version
Notion Notion * 3.1.0 (including)

References