CCAe icon indicating copy to clipboard operation
CCAe copied to clipboard

Published 20 hours ago verified publisher icon ThePacielloGroup

Update electron library to 26.2.4 to mitigate High vulnerability CVE-2023-5217

Open KenMillard-Steampunk opened this issue 1 year ago • 0 comments

Describe the bug Based on Trivy scan of project's SBOM, the current version of the electron library used for this project is outdated (26.2.2) and must be updated to at least 26.2.4 to mitigate a high vulnerability.

Desktop (please complete the following information):

  • OS: Windows 11 64 bit
  • Version 3.5.1

To Reproduce Steps to reproduce the behavior:

  1. In GitHub, go to Insights > Dependencies > Export SBOM.

  2. Then, install Trivy (https://aquasecurity.github.io/trivy/v0.33/docs/sbom/spdx/) and run this command: trivy sbom {name of sbom}.json

Screenshots If applicable, add screenshots to help explain your problem.

image

KenMillard-Steampunk avatar Dec 14 '23 17:12 KenMillard-Steampunk