robopaint icon indicating copy to clipboard operation
robopaint copied to clipboard
verified publisher icon evil-mad

Update electron for known critical severity security vulnerability

Open oskay opened this issue 8 years ago • 3 comments

We have a headline-level security notice from github: https://github.com/evil-mad/robopaint/network/dependencies

oskay avatar Jan 23 '18 06:01 oskay

Is it for CVE-2017-1000006?

docprofsky avatar Jan 23 '18 06:01 docprofsky

CVE-2018-1000006

oskay avatar Jan 23 '18 06:01 oskay

While searching, I also found an older RCE vulnerability, which is not fixed until 1.6.14 and 1.7.8. https://electronjs.org/blog/chromium-rce-vulnerability

docprofsky avatar Jan 23 '18 06:01 docprofsky