4 matches found
CVE-2024-46992
A flaw was found in Electron. The vulnerability stems from improper handling of ASAR Archive files, allowing a local attacker to manipulate archive contents without proper integrity verification. This issue can lead to arbitrary code execution within the application's context via a crafted ASAR...
CVE-2024-46992
Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From versions 30.0.0-alpha.1 to before 30.0.5 and 31.0.0-alpha.1 to before 31.0.0-beta.1, Electron is vulnerable to an ASAR Integrity bypass. This only impacts apps that have the...
CVE-2024-46992
CVE-2024-46992 affects Electron versions 30.0.0-alpha.1 through 30.0.4, and 31.0.0-alpha.1 through 31.0.0-beta.1. The issue is an ASAR integrity bypass that applies only when embeddedAsarIntegrityValidation and onlyLoadAppFromAsar fuses are enabled, and only if the app is launched from a writable...
CVE-2024-46992 Electron ASAR Integrity bypass by just modifying the content
Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From versions 30.0.0-alpha.1 to before 30.0.5 and 31.0.0-alpha.1 to before 31.0.0-beta.1, Electron is vulnerable to an ASAR Integrity bypass. This only impacts apps that have the...