2 matches found
CVE-2020-4077
In Electron, a context isolation bypass affects versions prior to 7.2.4, 8.2.4, and 9.0.0-beta21 where code in the main world of a renderer can access the isolated Electron context when both contextIsolation and contextBridge are used. The issue is fixed in 7.2.4, 8.2.4, and 9.0.0-beta.21. Mitiga...
@amazingcat/amazing-iohook (=8.2.3), @donmahallem/trapeze-client-desktop (=5.1.1) +14 more potentially affected by CVE-2020-4077 via electron (>=8.0.0 <=8.2.3)
electron NPM version =8.0.0, =8.0.0, =0.1.0, =4.0.0-beta.1, =1.0.1, =1.7.0, =1.0.3, =1.0.5, =1.1.35, =3.1.20, =3.2.1 and more Source cves: CVE-2020-4077 Source advisory: OSV:GHSA-H9JC-284H-533G...