electron@31.0.0-beta.5 vulnerabilities

Build cross platform desktop apps with JavaScript, HTML, and CSS

latest version

33.2.0
first published

12 years ago
latest version published

9 days ago
licenses detected
- MIT
  >=0
View electron package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the electron package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Access Restriction Bypass electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Access Restriction Bypass due to an inappropriate implementation in the `Extensions` feature. An attacker can bypass site isolation. How to fix Access Restriction Bypass? A fix was pushed into the `master` branch but not yet published.	*
H Use After Free electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Use After Free via the `Serial` process. An attacker can potentially exploit heap corruption. How to fix Use After Free? A fix was pushed into the `master` branch but not yet published.	*
M Access of Resource Using Incompatible Type ('Type Confusion') electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type ('Type Confusion') via a crafted HTML page. An attacker can potentially exploit heap corruption. How to fix Access of Resource Using Incompatible Type ('Type Confusion')? Upgrade `electron` to version 32.2.3 or higher.	<32.2.3
H Improper Access Control electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Improper Access Control due to an inappropriate implementation in Extensions. An attacker can bypass site isolation. How to fix Improper Access Control? Upgrade `electron` to version 31.7.4, 32.2.3 or higher.	<31.7.4 >=32.0.0 <32.2.3
M Access of Resource Using Incompatible Type ('Type Confusion') electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type ('Type Confusion') via a crafted HTML page. An attacker can potentially exploit heap corruption. How to fix Access of Resource Using Incompatible Type ('Type Confusion')? Upgrade `electron` to version 31.7.4, 32.2.3 or higher.	<31.7.4 >=32.0.0 <32.2.3
H Out-of-bounds Write electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Out-of-bounds Write in Dawn. How to fix Out-of-bounds Write? Upgrade `electron` to version 31.7.4, 32.2.3 or higher.	<31.7.4 >=32.0.0 <32.2.3
M Heap-based Buffer Overflow electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Heap-based Buffer Overflow through the `V8` engine. How to fix Heap-based Buffer Overflow? Upgrade `electron` to version 31.7.2 or higher.	<31.7.2
M Heap-based Buffer Overflow electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Heap-based Buffer Overflow in Fonts. How to fix Heap-based Buffer Overflow? Upgrade `electron` to version 31.7.2 or higher.	<31.7.2
H Heap-based Buffer Overflow electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Heap-based Buffer Overflow in Skia. How to fix Heap-based Buffer Overflow? Upgrade `electron` to version 31.7.2 or higher.	<31.7.2
H Heap-based Buffer Overflow electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Heap-based Buffer Overflow in Skia. How to fix Heap-based Buffer Overflow? Upgrade `electron` to version 31.7.2 or higher.	<31.7.2
H Type Confusion electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Type Confusion via the V8 engine. How to fix Type Confusion? Upgrade `electron` to version 31.7.2 or higher.	<31.7.2
C Out-of-Bounds Write electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Out-of-Bounds Write via the V8 engine. An attacker can potentially exploit heap corruption by crafting a malicious HTML page. How to fix Out-of-Bounds Write? Upgrade `electron` to version 31.7.2 or higher.	<31.7.2
H Use After Free electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Use After Free via the `WebAudio` process. An attacker can potentially exploit heap corruption by crafting a malicious HTML page. How to fix Use After Free? Upgrade `electron` to version 31.7.2 or higher.	<31.7.2
H Heap-based Buffer Overflow electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Heap-based Buffer Overflow in Skia How to fix Heap-based Buffer Overflow? Upgrade `electron` to version 31.7.2 or higher.	<31.7.2
H External Control of Assumed-Immutable Web Parameter electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to External Control of Assumed-Immutable Web Parameter via a crafted HTML page. An attacker can perform an out of bounds memory write by sending a specially crafted HTML content. How to fix External Control of Assumed-Immutable Web Parameter? Upgrade `electron` to version 31.7.2 or higher.	<31.7.2
H Use After Free electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Use After Free via the `Dawn` component. An attacker can potentially exploit heap corruption by crafting a malicious HTML page. How to fix Use After Free? Upgrade `electron` to version 31.7.2 or higher.	<31.7.2
M Type Confusion electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Type Confusion. An attacker can access memory locations outside of the intended bounds by crafting a malicious HTML page that triggers type confusion in the V8 engine. How to fix Type Confusion? Upgrade `electron` to version 31.7.2 or higher.	<31.7.2
H Out-of-bounds Read electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Out-of-bounds Read via a crafted HTML page. An attacker can access memory locations outside the intended boundary by crafting a malicious HTML page that triggers the flaw. How to fix Out-of-bounds Read? Upgrade `electron` to version 31.7.2 or higher.	<31.7.2
H Out-of-bounds Read electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Out-of-bounds Read in Skia. How to fix Out-of-bounds Read? Upgrade `electron` to version 31.7.2, 32.2.2 or higher.	<31.7.2 >=32.2.0 <32.2.2
C Type Confusion electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Type Confusion via crafted HTML content. How to fix Type Confusion? Upgrade `electron` to version 31.7.1, 32.2.1 or higher.	<31.7.1 >=32.2.0 <32.2.1
H Type Confusion electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Type Confusion in `InferHasInPrototypeChain` of the `V8` engine. How to fix Type Confusion? Upgrade `electron` to version 31.7.1, 32.2.1 or higher.	<31.7.1 >=32.2.0 <32.2.1
H Type Confusion electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Type Confusion in v8 engine. How to fix Type Confusion? A fix was pushed into the `master` branch but not yet published.	*

Go back to all versions of this package

electron@31.0.0-beta.5 vulnerabilities

Build cross platform desktop apps with JavaScript, HTML, and CSS

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities