AIKIDO-2024-10359

electron is vulnerable to Out-of-bounds Read

Out-of-bounds Read | CVE-2024-7966 | Published Oct 24, 2024

88 (High Risk)

This Affects:

JS: electron
31.0.0 - 31.7.1, fixed in 31.7.2
32.0.0 - 32.2.1, fixed in 32.2.2

TL;DR

Out-of-bounds memory access in Skia in Google Chrome prior to version 128.0.6613.84 allowed a remote attacker, who had compromised the renderer process, to perform out-of-bounds memory access via a crafted HTML page. This vulnerability could lead to information disclosure, memory corruption, or potentially remote code execution. (Chromium security severity: High)

Who does this affect?

You are affected if you are using an electron version that falls within one of the vulnerable ranges listed above.

Background info

electron is vulnerable to Out-of-bounds Read in versions 31.0.0 - 31.7.1 and 32.0.0 - 32.2.1.

How to fix this

Upgrade the electron library to a patched version: 31.7.2 or 32.2.2.
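
To check a project against the ranges in this advisory, the following added example (not part of the advisory or of electron itself) walks the `packages` map of an npm lockfile and reports each resolved electron copy that falls in an affected range, together with the fixed version for that line. The sample lockfile is constructed, the function names are hypothetical, and treating a prerelease as its base version is an assumption made to stay conservative.

```javascript
// Affected ranges and fixed versions, copied from the advisory text.
const AFFECTED = [
  { min: [31, 0, 0], max: [31, 7, 1], fixed: "31.7.2" },
  { min: [32, 0, 0], max: [32, 2, 1], fixed: "32.2.2" },
];

// Parse "31.7.1" or "v32.0.0-beta.1" into [major, minor, patch].
// Assumption: a prerelease tag is ignored, so it counts as its base version.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(v).trim());
  return m ? m.slice(1, 4).map(Number) : null;
}

// Compare two [major, minor, patch] triples: -1, 0 or 1.
function cmp(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Return the fixed version to upgrade to, or null if the version is not affected.
function fixFor(version) {
  const v = parseVersion(version);
  if (!v) return null;
  const hit = AFFECTED.find((r) => cmp(v, r.min) >= 0 && cmp(v, r.max) <= 0);
  return hit ? hit.fixed : null;
}

// Scan an npm lockfile object (lockfileVersion 2 or 3), including nested copies
// such as node_modules/<dep>/node_modules/electron.
function scanLockfile(lock) {
  const findings = [];
  for (const [path, pkg] of Object.entries(lock.packages || {})) {
    if (!/(^|\/)node_modules\/electron$/.test(path)) continue; // exact package name only
    const fixed = fixFor(pkg.version);
    if (fixed) findings.push({ path, version: pkg.version, fixed });
  }
  return findings;
}

// Constructed sample lockfile, for illustration only.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app" },
    "node_modules/electron": { version: "31.7.1" },
    "node_modules/electron-builder": { version: "31.0.0" },
    "node_modules/some-tool/node_modules/electron": { version: "32.2.2" },
  },
};
```

In a real project, pass the parsed contents of `package-lock.json` to `scanLockfile` in place of `SAMPLE_LOCK`.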