2 matches found
CVE-2024-46993
CVE-2024-46993 : In Electron, the nativeImage.createFromPath() and nativeImage.createFromBuffer() functions are vulnerable to a heap-based buffer overflow when processing image data whose height, width, or contents are controlled by an attacker. Affected releases include Electron versions prior t...
CVE-2024-46993 Electron Vulnerable to Heap Buffer Overflow in NativeImage::CreateFromPath
Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions prior to 28.3.2, 29.3.3, and 30.0.3, the nativeImage.createFromPath and nativeImage.createFromBuffer functions call a function downstream that is vulnerable to a heap...