Search for packages
| purl | pkg:npm/electron@1.8.0 |
| Tags | Ghost |
| Next non-vulnerable version | 35.7.5 |
| Latest non-vulnerable version | 42.0.0-alpha.5 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-4s78-xt9y-1kew
Aliases: CVE-2018-1000136 GHSA-8xwg-wv7v-4vqp |
Code Execution by Re-enabling Node.js integration Electron contains an improper handling of values vulnerability in Webviews that can result in remote code execution. . |
Affected by 12 other vulnerabilities. Affected by 12 other vulnerabilities. Affected by 12 other vulnerabilities. |
|
VCID-bxwq-t8nc-m7gu
Aliases: CVE-2018-15685 GHSA-hv9c-qwqg-qj3v |
Insecure Default Initialization of Resource GitHub Electron is affected by a `WebPreferences` vulnerability that can be leveraged to perform remote code execution. |
Affected by 12 other vulnerabilities. Affected by 12 other vulnerabilities. Affected by 12 other vulnerabilities. Affected by 12 other vulnerabilities. Affected by 12 other vulnerabilities. Affected by 12 other vulnerabilities. |
|
VCID-q288-pvgc-vkaa
Aliases: CVE-2018-1000006 GHSA-w222-53c6-c86p |
Remote Code Execution (Windows) GitHub Electron has a vulnerability in the protocol handler. |
Affected by 14 other vulnerabilities. Affected by 13 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T16:54:48.662342+00:00 | Npm Importer | Affected by | VCID-bxwq-t8nc-m7gu | https://github.com/nodejs/security-wg/blob/main/vuln/npm/466.json | 38.0.0 |
| 2026-04-01T15:56:37.518321+00:00 | GHSA Importer | Affected by | VCID-bxwq-t8nc-m7gu | https://github.com/advisories/GHSA-hv9c-qwqg-qj3v | 38.0.0 |
| 2026-04-01T15:56:27.390522+00:00 | GHSA Importer | Affected by | VCID-4s78-xt9y-1kew | https://github.com/advisories/GHSA-8xwg-wv7v-4vqp | 38.0.0 |
| 2026-04-01T15:56:26.522589+00:00 | GHSA Importer | Affected by | VCID-q288-pvgc-vkaa | https://github.com/advisories/GHSA-w222-53c6-c86p | 38.0.0 |