Vulnerability	Vulnerable Version
H Incorrect Calculation of Buffer Size electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Incorrect Calculation of Buffer Size via insufficient validation of untrusted input in `ANGLE` and `GPU`. An attacker can escape the sandbox by submitting a specially crafted HTML page. How to fix Incorrect Calculation of Buffer Size? Upgrade `electron` to version 37.2.4 or higher.	<37.2.4
H Function Call with Incorrectly Specified Arguments electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Function Call with Incorrectly Specified Arguments via an incorrect handle provided in unspecified circumstances in Mojo. An attacker can reflect a broker-initiated transport back to a broker, which ultimately allows for handle leaks if the reflected transport is later used to deserialize another transport containing handles. How to fix Function Call with Incorrectly Specified Arguments? Upgrade `electron` to version 36.3.0 or higher.	<36.3.0
M Information Exposure electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Information Exposure via the `Loader` component. An attacker can leak sensitive cross-origin data by crafting a malicious HTML page. How to fix Information Exposure? Upgrade `electron` to version 36.3.0 or higher.	<36.3.0

Go back to all versions of this package