The vulnerability of the `createThumbnailFromPath` function in the Electron application creation software platform allows a hacker to disclose protected information.

The vulnerability of the createThumbnailFromPath function in the Electron application development platform is related to the disclosure of information in a erroneous data area. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose the protected information...

GHSA-MPJM-V997-C4H4 Electron's sandboxed renderers can obtain thumbnails of arbitrary files through the nativeImage API

Impact This vulnerability allows a sandboxed renderer to request a "thumbnail" image of an arbitrary file on the user's system. The thumbnail can potentially include significant parts of the original file, including textual data in many cases. All current stable versions of Electron are affected...

CVE-2021-39184

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to 11.5.0, 12.1.0, and 13.3.0 allows a sandboxed renderer to request a "thumbnail" image of an arbitrary file on the user's system. The thumbnail can potential...

Hardcoded credentials

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to 11.5.0, 12.1.0, and 13.3.0 allows a sandboxed renderer to request a "thumbnail" image of an arbitrary file on the user's system. The thumbnail can potential...

CVE-2021-39184 Sandboxed renderers can obtain thumbnails of arbitrary files through the nativeImage API

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to 11.5.0, 12.1.0, and 13.3.0 allows a sandboxed renderer to request a "thumbnail" image of an arbitrary file on the user's system. The thumbnail can potential...