
electron
npm · Build cross platform desktop apps with JavaScript, HTML, and CSS · Repository · Package
Security Advisories for electron in npm
High
about 2 years ago
Electron affected by libvpx's heap buffer overflow in vp8 encoding
npm
electron
High
about 2 years ago
libwebp: OOB write in BuildHuffmanTable
npm, cargo
electron, libwebp-sys, libwebp-sys2
Moderate
about 2 years ago
Electron vulnerable to out-of-package code execution when launched with arbitrary cwd
npm
electron
Moderate
about 2 years ago
Electron context isolation bypass via nested unserializable return value
npm
electron
High
about 2 years ago
Electron's Content-Secrity-Policy disabling eval not applied consistently in renderers with sandbox disabled
npm
electron
Moderate
almost 3 years ago
Exfiltration of hashed SMB credentials on Windows via file:// redirect
npm
electron
Moderate
over 3 years ago
AutoUpdater module fails to validate certain nested components of the bundle
npm
electron
Low
over 3 years ago
Compromised child renderer processes could obtain IPC access without nodeIntegrationInSubFrames being enabled
npm
electron
Low
over 3 years ago
Renderers can obtain access to random bluetooth device without permission in Electron
npm
electron
Moderate
almost 4 years ago
Electron's sandboxed renderers can obtain thumbnails of arbitrary files through the nativeImage API
npm
electron
High
about 5 years ago
Context isolation bypass via leaked cross-context objects in Electron
npm
electron
High
about 7 years ago
Electron webPreferences vulnerability can be used to perform remote code execution
npm
electron
High
over 7 years ago
Electron protocol handler browser vulnerable to Command Injection
npm
electron
High
over 7 years ago
Electron Vulnerable to Code Execution by Re-Enabling Node.js Integration
npm
electron