2 matches found
CVE-2024-46993 Electron Vulnerable to Heap Buffer Overflow in NativeImage::CreateFromPath
Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions prior to 28.3.2, 29.3.3, and 30.0.3, the nativeImage.createFromPath and nativeImage.createFromBuffer functions call a function downstream that is vulnerable to a heap...
GHSA-6R2X-8PQ8-9489 Electron vulnerable to Heap Buffer Overflow in NativeImage
Impact The nativeImage.createFromPath and nativeImage.createFromBuffer functions call a function downstream that is vulnerable to a heap buffer overflow. An Electron program that uses either of the affected functions is vulnerable to a buffer overflow if an attacker is in control of the image's...