Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/07/01 8:1 a.m.19 views

CVE-2024-46992

A flaw was found in Electron. The vulnerability stems from improper handling of ASAR Archive files, allowing a local attacker to manipulate archive contents without proper integrity verification. This issue can lead to arbitrary code execution within the application's context via a crafted ASAR...

7.8CVSS6.7AI score0.00105EPSS
Exploits0References2
NVD
NVD
added 2025/07/01 2:15 a.m.15 views

CVE-2024-46992

Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From versions 30.0.0-alpha.1 to before 30.0.5 and 31.0.0-alpha.1 to before 31.0.0-beta.1, Electron is vulnerable to an ASAR Integrity bypass. This only impacts apps that have the...

7.8CVSS0.00105EPSS
Exploits0References2
CVE
CVE
added 2025/07/01 1:43 a.m.89 views

CVE-2024-46992

CVE-2024-46992 affects Electron versions 30.0.0-alpha.1 through 30.0.4, and 31.0.0-alpha.1 through 31.0.0-beta.1. The issue is an ASAR integrity bypass that applies only when embeddedAsarIntegrityValidation and onlyLoadAppFromAsar fuses are enabled, and only if the app is launched from a writable...

7.8CVSS6.5AI score0.00105EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/01 1:43 a.m.12 views

CVE-2024-46992 Electron ASAR Integrity bypass by just modifying the content

Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From versions 30.0.0-alpha.1 to before 30.0.5 and 31.0.0-alpha.1 to before 31.0.0-beta.1, Electron is vulnerable to an ASAR Integrity bypass. This only impacts apps that have the...

7.8CVSS0.00105EPSS
Exploits0References2
Rows per page
Query Builder