AIKIDO-2024-10346

electron is vulnerable to Type Confusion

88

High

electron JS

AIKIDO-2024-10346: electron is vulnerable to Type Confusion in versions 31.0.0 - 31.7.0 and 32.0.0 - 32.2.0.

Type Confusion
Vuln in 31.0.0 - 31.7.0
Fixed in 31.7.1
Vuln in 32.0.0 - 32.2.0
Fixed in 32.2.1
CVE-2024-9602

TL;DR

Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Who does this affect?

You're affected if you are using an electron version that falls within the vulnerable ranges.

How can it be fixed?

Upgrade the electron library to a patched version.
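
To check whether a project resolves an affected electron version, the following added example (not part of the original advisory or of Aikido's or Electron's code) scans the "packages" map of a package-lock.json against the ranges listed above. The function names and the sample lockfile are constructed for illustration; treating pre-release builds inside a range as needing manual review is an assumption, since the advisory lists release versions only.

```javascript
// Added example: ranges copied from this advisory (CVE-2024-9602).
const VULNERABLE_RANGES = [
  { from: [31, 0, 0], to: [31, 7, 0], fixed: "31.7.1" },
  { from: [32, 0, 0], to: [32, 2, 0], fixed: "32.2.1" },
];

// Parse "major.minor.patch[-prerelease][+build]"; returns null if malformed.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+[0-9A-Za-z.-]+)?$/.exec(String(v).trim());
  if (!m) return null;
  return { core: [Number(m[1]), Number(m[2]), Number(m[3])], prerelease: m[4] || null };
}

// Numeric comparison of [major, minor, patch] triples: -1, 0 or 1.
function compareCore(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  return 0;
}

// Returns { status: "vulnerable" | "not-listed" | "review" | "invalid", fixed? }.
function checkElectronVersion(version) {
  const parsed = parseVersion(version);
  if (!parsed) return { status: "invalid" };
  for (const r of VULNERABLE_RANGES) {
    if (compareCore(parsed.core, r.from) >= 0 && compareCore(parsed.core, r.to) <= 0) {
      // Assumption: pre-releases (alpha/beta/nightly) are not covered by the advisory, so flag for review.
      return { status: parsed.prerelease ? "review" : "vulnerable", fixed: r.fixed };
    }
  }
  return { status: "not-listed" };
}

// Scan a package-lock.json "packages" map (lockfileVersion 2/3) for every resolved copy of electron.
function findElectronInLockfile(lock) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === "node_modules/electron" || path.endsWith("/node_modules/electron")) {
      findings.push({ path, version: entry.version, ...checkElectronVersion(entry.version) });
    }
  }
  return findings;
}

// Constructed sample lockfile: one affected top-level copy, one patched nested copy.
const SAMPLE_LOCK = { lockfileVersion: 3, packages: {
  "": { name: "demo-app" },
  "node_modules/electron": { version: "32.1.2" },
  "node_modules/tooling/node_modules/electron": { version: "31.7.1" },
}};

console.log(findElectronInLockfile(SAMPLE_LOCK));
```

A "not-listed" result means only that the version is outside the ranges in this advisory, not that it is free of other issues.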

© 2024 Aikido Security BV | BE0792914919
🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium
🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US