electron@10.1.4

Vulnerabilities

2 via 2 paths

Dependencies

86

Source

npm

Find, fix and prevent vulnerabilities in your code.

Severity
  • 2
Status
  • 2
  • 0
  • 0

high severity

Heap-based Buffer Overflow

  • Vulnerable module: electron
  • Introduced through: electron@10.1.4

Detailed paths

  • Introduced through: electron@10.1.4
    Remediation: Upgrade to electron@10.1.5.

Overview

electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS.

Affected versions of this package are vulnerable to Heap-based Buffer Overflow in Freetype.

Remediation

Upgrade electron to version 8.5.3, 9.3.3, 10.1.5 or higher.

References

high severity

new

Use After Free

  • Vulnerable module: electron
  • Introduced through: electron@10.1.4

Detailed paths

  • Introduced through: electron@10.1.4
    Remediation: Upgrade to electron@10.1.6.

Overview

electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS.

Affected versions of this package are vulnerable to Use After Free via the site isolation.

Remediation

Upgrade electron to version 8.5.4, 10.1.6, 11.0.1 or higher.

References