electron@32.1.0 vulnerabilities

Build cross platform desktop apps with JavaScript, HTML, and CSS

latest version

33.2.0
first published

12 years ago
latest version published

9 days ago
licenses detected
- MIT
  >=0
View electron package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the electron package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Access Restriction Bypass electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Access Restriction Bypass due to an inappropriate implementation in the `Extensions` feature. An attacker can bypass site isolation. How to fix Access Restriction Bypass? A fix was pushed into the `master` branch but not yet published.	*
H Use After Free electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Use After Free via the `Serial` process. An attacker can potentially exploit heap corruption. How to fix Use After Free? A fix was pushed into the `master` branch but not yet published.	*
M Access of Resource Using Incompatible Type ('Type Confusion') electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type ('Type Confusion') via a crafted HTML page. An attacker can potentially exploit heap corruption. How to fix Access of Resource Using Incompatible Type ('Type Confusion')? Upgrade `electron` to version 32.2.3 or higher.	<32.2.3
H Improper Access Control electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Improper Access Control due to an inappropriate implementation in Extensions. An attacker can bypass site isolation. How to fix Improper Access Control? Upgrade `electron` to version 31.7.4, 32.2.3 or higher.	<31.7.4 >=32.0.0 <32.2.3
M Access of Resource Using Incompatible Type ('Type Confusion') electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Access of Resource Using Incompatible Type ('Type Confusion') via a crafted HTML page. An attacker can potentially exploit heap corruption. How to fix Access of Resource Using Incompatible Type ('Type Confusion')? Upgrade `electron` to version 31.7.4, 32.2.3 or higher.	<31.7.4 >=32.0.0 <32.2.3
H Out-of-bounds Write electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Out-of-bounds Write in Dawn. How to fix Out-of-bounds Write? Upgrade `electron` to version 31.7.4, 32.2.3 or higher.	<31.7.4 >=32.0.0 <32.2.3
H Type Confusion electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Type Confusion in v8 engine. How to fix Type Confusion? A fix was pushed into the `master` branch but not yet published.	*

Go back to all versions of this package

electron@32.1.0 vulnerabilities

Build cross platform desktop apps with JavaScript, HTML, and CSS

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities