9Tem
CVE-2024-39698 | electron-userland electron-builder up to 6.3.0-alpha.5 windowsExecutableCodeSignatureVerifier.ts verifySignature variable name delimiters (GHSA-9jxc-qjr9-vjxq)
A vulnerability has been found in electron-userland electron-builder up to 6.3.0-alpha.5 and classified as critical. This vulnerability affects the functionverifySignature
of the file packages/electron-updater/src/windowsExecutableCodeSignatureVerifier.ts. The manipulation leads to improper neutralization of variable name delimiters.
This vulnerability was named CVE-2024-39698. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.