Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
electronjs electron vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-44402
Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. This only impacts apps that have the `embeddedAsarIntegrityValidation` and `onlyLoadAppFromAsar` fuses enabled. Apps without these fuses enabled are not impacted. ...
Electronjs Electron 27.0.0
Electronjs Electron
NA
CVE-2023-23623
Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. A Content-Security-Policy that disables eval, specifically setting a `script-src` directive and _not_ providing `unsafe-eval` in that directive, is not respected in re...
Electronjs Electron 23.0.0
Electronjs Electron 22.0.0
NA
CVE-2023-39956
Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Electron apps that are launched as command line executables are impacted. Specifically this issue can only be exploited if the following conditions are met: 1. The app...
Electronjs Electron
Electronjs Electron 26.0.0
NA
CVE-2023-29198
Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Electron apps using `contextIsolation` and `contextBridge` are affected. This is a context isolation bypass, meaning that code running in the main world context in the...
Electronjs Electron
Electronjs Electron 25.0.0
Electronjs Electron 24.0.0
NA
CVE-2022-36077
The Electron framework enables writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions before 21.0.0-beta.1, 20.0.1, 19.0.11, and 18.3.7, Electron is vulnerable to Exposure of Sensitive Information. When following a redirect, Electron delays a chec...
Electronjs Electron
Electronjs Electron 21.0.0
6.5
CVSSv2
CVE-2022-29257
Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions before 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows attackers who have control over a given apps update server / update storage to serve m...
Electronjs Electron 18.0.0
Electronjs Electron 17.0.0
Electronjs Electron
Electronjs Electron 16.0.0
6.8
CVSSv2
CVE-2022-29247
Electron is a framework for writing cross-platform desktop applications using JavaScript (JS), HTML, and CSS. A vulnerability in versions before 18.0.0-beta.6, 17.2.0, 16.2.6, and 15.5.5 allows a renderer with JS execution to obtain access to a new renderer process with `nodeInte...
Electronjs Electron 18.0.0
Electronjs Electron 17.0.0
Electronjs Electron
Electronjs Electron 16.0.0
4
CVSSv2
CVE-2022-21718
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to `17.0.0-alpha.6`, `16.0.6`, `15.3.5`, `14.2.4`, and `13.6.6` allows renderers to obtain access to a bluetooth device via the web bluetooth ...
Electronjs Electron
Electronjs Electron 17.0.0
5
CVSSv2
CVE-2021-39184
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions before 11.5.0, 12.1.0, and 13.3.0 allows a sandboxed renderer to request a "thumbnail" image of an arbitrary file on the user's syste...
Electronjs Electron 15.0.0
Electronjs Electron 14.0.0
Electronjs Electron
4.3
CVSSv2
CVE-2021-32772
Poddycast is a podcast app made with Electron. Prior to version 0.8.1, an attacker can create a podcast or episode with malicious characters and execute commands on the client machine. The application does not clean the HTML characters of the podcast information obtained from the...
Electronjs Poddycast 0.8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »