AIKIDO-2024-10346

electron is vulnerable to Type Confusion

88

High

electron JS

AIKIDO-2024-10346: electron is vulnerable to Type Confusion in versions 31.0.0 - 31.7.0 and 32.0.0 - 32.2.0.

Type Confusion
Vuln in 31.0.0 - 31.7.0
Fixed in 31.7.1
Vuln in 32.0.0 - 32.2.0
Fixed in 32.2.1
CVE-2024-9602
TL;DR

Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Who does this affect?

You're affected if you are using an electron version that falls within one of the vulnerable ranges.

How can it be fixed?

Upgrade the electron library to a patched version.
