Severity: high

Chromium Remote Code Execution

electron

Overview

Affected versions of ElectronJS are susceptible to a remote code execution vulnerability that occurs when an affected application access remote content, even if the sandbox option is enabled.

Remediation

Update to electron version 1.7.8 or later.

Have content suggestions? Send them to [email protected]

Advisory timeline

  1. published

    Advisory published
    Sep 28th, 2017
  2. reported

    Sep 28th, 2017