5 matches found
CVE-2024-46992
Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From versions 30.0.0-alpha.1 to before 30.0.5 and 31.0.0-alpha.1 to before 31.0.0-beta.1, Electron is vulnerable to an ASAR Integrity bypass. This only impacts apps that have the...
CVE-2024-46992 Electron ASAR Integrity bypass by just modifying the content
Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From versions 30.0.0-alpha.1 to before 30.0.5 and 31.0.0-alpha.1 to before 31.0.0-beta.1, Electron is vulnerable to an ASAR Integrity bypass. This only impacts apps that have the...
CVE-2024-46992
CVE-2024-46992 affects Electron versions 30.0.0-alpha.1 through 30.0.4, and 31.0.0-alpha.1 through 31.0.0-beta.1. The issue is an ASAR integrity bypass that applies only when embeddedAsarIntegrityValidation and onlyLoadAppFromAsar fuses are enabled, and only if the app is launched from a writable...
electron ASAR Integrity bypass by just modifying the content
electron's ASAR Integrity can be bypass by modifying the content. Impact This only impacts apps that have the embeddedAsarIntegrityValidation and onlyLoadAppFromAsar fuses enabled. Apps without these fuses enabled are not impacted. This issue is specific to Windows, apps using these fuses on macO...
GHSA-XW5Q-G62X-2QJC electron ASAR Integrity bypass by just modifying the content
electron's ASAR Integrity can be bypass by modifying the content. Impact This only impacts apps that have the embeddedAsarIntegrityValidation and onlyLoadAppFromAsar fuses enabled. Apps without these fuses enabled are not impacted. This issue is specific to Windows, apps using these fuses on macO...