Security: electron-userland/electron-builder
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Cross-origin redirect leaks `PRIVATE-TOKEN` and mixed-case `Authorization` credentials in `builder-util-runtime`GHSA-p2f4-r6v6-j797 published
Jun 16, 2026 by mmaiettaHigh -
Uncontrolled search path elements within `AppImage` built by `app-builder-lib`GHSA-7g7r-gx96-252g published
Jun 16, 2026 by mmaiettaHigh -
Code Signing Bypass on Windows in electron-updater < 6.3.0-alpha.6GHSA-9jxc-qjr9-vjxq published
Jul 9, 2024 by mmaiettaHigh -
NSIS installer - execute arbitrary code on the target machine (Windows only)GHSA-r4pf-3v7r-hh55 published
Mar 2, 2024 by mmaiettaHigh