Electron: nodeIntegrationInWorker not correctly scoped in shared renderer processes

Impact The nodeIntegrationInWorker webPreference was not correctly scoped in all configurations. In certain process-sharing scenarios, workers spawned in frames configured with nodeIntegrationInWorker: false could still receive Node.js integration. Apps are only affected if they enable...

PT-2023-27003 · Node.Js +1 · Node.Js +1

Name of the Vulnerable Software and Affected Versions: SES versions 0.13.0 through 0.13.4 SES versions 0.14.0 through 0.14.4 SES versions 0.15.0 through 0.15.23 SES versions 0.16.0 through 0.16.0 SES versions 0.17.0 through 0.17.0 SES versions 0.18.0 through 0.18.6 Description: There is a hole in...