In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade electron
to version 28.3.2, 29.3.3, 30.0.3 or higher.
electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS.
Affected versions of this package are vulnerable to Heap-based Buffer Overflow. The nativeImage.createFromPath
or nativeImage.createFromBuffer
APIs in Electron, which make use of Chromium's JPEGCodec::Decode
, are vulnerable to a heap-based buffer overflow. An attacker can execute arbitrary code or cause a crash by supplying specially crafted image data.