Allele Security Alert
ASA-2019-00125
Identifier(s)
ASA-2019-00125
Title
Chromium FileReader Vulnerability Fix
Vendor(s)
Github
Product(s)
Electron
Affected version(s)
All supported versions of Electron
Fixed version(s)
Electron 4.0.8
Electron 3.1.6
Electron 3.0.16
Electron 2.0.18
Proof of concept
Unknown
Description
A high severity vulnerability has been discovered in Chrome which affects all software based on Chromium, including Electron.
Technical details
Unknown
Credits
Clement Lecigne
Reference(s)
Chromium FileReader Vulnerability Fix
https://electronjs.org/blog/filereader-fix
Stable Channel Update for Desktop
https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html
CVE-2019-5786
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5786
CVE-2019-5786
https://nvd.nist.gov/vuln/detail/CVE-2019-5786
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: March 11, 2019