Search for packages
| purl | pkg:npm/electron@1.8.2-beta4 |
| Tags | Ghost |
| Next non-vulnerable version | 35.7.5 |
| Latest non-vulnerable version | 42.0.0-alpha.5 |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-ycrz-abm9-hbat
Aliases: CVE-2018-1000118 GHSA-fjqr-fx3f-g4rv |
OS Command Injection Github Electron version Electron contains a Command Injection vulnerability in Protocol Handler that can result in command execute.This issue is due to an incomplete fix for CVE-2018-1000006, specifically the block list used was not case insensitive allowing an attacker to potentially bypass it. |
Affected by 0 other vulnerabilities. Affected by 14 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T15:56:27.418128+00:00 | GHSA Importer | Affected by | VCID-ycrz-abm9-hbat | https://github.com/advisories/GHSA-fjqr-fx3f-g4rv | 38.0.0 |