Tags: security upstream
the following vulnerability was published for electrum.
| The Python console in Electrum through 2.9.4 and 3.x through 3.0.5
| supports arbitrary Python code without considering (1)
| social-engineering attacks in which a user pastes code that they do not
| understand and (2) code pasted by a physically proximate attacker at an
| unattended workstation, which makes it easier for attackers to steal
| Bitcoin via hook code that runs at a later time when the wallet
| password has been entered, a different vulnerability than
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see: