CVE-2024-39698 | electron-userland electron-builder up to 6.3.0-alpha.5 windowsExecutableCodeSignatureVerifier.ts verifySignature variable name delimiters (GHSA-9jxc-qjr9-vjxq)

Çağlar Arlı - 17 Views

CVE-2024-39698 | electron-userland electron-builder up to 6.3.0-alpha.5 windowsExecutableCodeSignatureVerifier.ts verifySignature variable name delimiters (GHSA-9jxc-qjr9-vjxq)

A vulnerability has been found in electron-userland electron-builder up to 6.3.0-alpha.5 and classified as critical. This vulnerability affects the function verifySignature of the file packages/electron-updater/src/windowsExecutableCodeSignatureVerifier.ts. The manipulation leads to improper neutralization of variable name delimiters. This vulnerability was named CVE-2024-39698. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

P	S	Ç	P	C	C	P
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31

Annanowa

CVE-2024-39698 | electron-userland electron-builder up to 6.3.0-alpha.5 windowsExecutableCodeSignatureVerifier.ts verifySignature variable name delimiters (GHSA-9jxc-qjr9-vjxq)

CVE-2024-39698 | electron-userland electron-builder up to 6.3.0-alpha.5 windowsExecutableCodeSignatureVerifier.ts verifySignature variable name delimiters (GHSA-9jxc-qjr9-vjxq)

Son Yazılar

Son Yorumlar