CVE-2023-27035

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-27035

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-27035.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-27035

Published

2023-05-01T22:15:09.547Z

Modified

2026-03-14T15:01:06.910388Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

An issue discovered in Obsidian Canvas 1.1.9 allows remote attackers to send desktop notifications, record user audio and other unspecified impacts via embedded website on the canvas page.

References

Affected packages

Git / github.com/obsidianmd/obsidian-releases

Affected ranges

Type

GIT

Repo

https://github.com/obsidianmd/obsidian-releases

Events

Introduced

Last affected

02ebffce27a86492f0f504dd689febe2170f8add

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.1.9"
        }
    ]
}

Affected versions

v0.*

v0.10.0

v0.10.1

v0.10.10

v0.10.11

v0.10.12

v0.10.13

v0.10.2

v0.10.3

v0.10.4

v0.10.5

v0.10.6

v0.10.7

v0.10.8

v0.10.9

v0.11.0

v0.11.1

v0.11.10

v0.11.11

v0.11.12

v0.11.13

v0.11.2

v0.11.3

v0.11.4

v0.11.5

v0.11.6

v0.11.7

v0.11.8

v0.11.9

v0.12.0

v0.12.1

v0.12.10

v0.12.11

v0.12.12

v0.12.13

v0.12.14

v0.12.15

v0.12.16

v0.12.17

v0.12.18

v0.12.19

v0.12.2

v0.12.3

v0.12.4

v0.12.5

v0.12.6

v0.12.7

v0.12.8

v0.12.9

v0.13.14

v0.13.19

v0.13.23

v0.13.24

v0.13.30

v0.13.31

v0.13.33

v0.14.15

v0.14.2

v0.14.5

v0.14.6

v0.15.6

v0.15.8

v0.15.9

v0.5.0

v0.5.1

v0.5.2

v0.5.3

v0.6.0

v0.6.1

v0.6.2

v0.6.3

v0.6.4

v0.6.5

v0.6.6

v0.6.7

v0.7.0

v0.7.1

v0.7.2

v0.7.3

v0.7.4

v0.7.5

v0.7.6

v0.8.0

v0.8.1

v0.8.10

v0.8.11

v0.8.12

v0.8.13

v0.8.14

v0.8.15

v0.8.2

v0.8.3

v0.8.4

v0.8.5

v0.8.6

v0.8.7

v0.8.8

v0.8.9

v0.9.0

v0.9.1

v0.9.10

v0.9.11

v0.9.12

v0.9.13

v0.9.14

v0.9.15

v0.9.16

v0.9.17

v0.9.18

v0.9.19

v0.9.2

v0.9.20

v0.9.21

v0.9.22

v0.9.3

v0.9.4

v0.9.5

v0.9.6

v0.9.7

v0.9.8

v0.9.9

v1.*

v1.0.0

v1.0.3

v1.1.8

v1.1.8-E21

v1.1.9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-27035.json"