2.3 Patch 2 release
👇 Scroll to the bottom of this changelog for downloadable binary releases
⚠️ Emergency security update
A vulnerability, tracked as CVE-2023-30856, allows a malicious website to connect to eDEX's internal terminal control websocket and send arbitrary commands to the shell.
To prevent this from happening, an emergency security update has been released to patch this behaviour.
Please update eDEX-UI to version 2.3.2 or later if you haven't already.
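One defensive check for this class of bug, where a web page reaches a local WebSocket: validate the handshake's Origin and require a per-launch token before attaching the socket to a shell. This is an added example, not eDEX-UI's code or the actual patch; `verifyUpgrade`, the `app://local-ui` origin and the `token` query parameter are assumptions.

```javascript
// Added example: names and values below are constructed, not eDEX-UI code.
// Hypothetical allow-list: the origin the app's own UI is served from.
const ALLOWED_ORIGINS = new Set(["app://local-ui"]);

// Length check plus XOR accumulation, so timing does not reveal a prefix match.
// (In Node, crypto.timingSafeEqual does the same job on Buffers.)
function constantTimeEqual(a, b) {
  if (a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Decide whether a WebSocket upgrade may be attached to the shell.
// `req` has the shape of Node's http.IncomingMessage (headers, url);
// `sessionToken` is a random per-launch secret known only to the app's UI.
function verifyUpgrade(req, sessionToken) {
  const origin = req.headers["origin"];
  // Browsers set Origin on every WebSocket handshake and page script cannot
  // change it, so a request from another site is identifiable here.
  if (origin !== undefined && !ALLOWED_ORIGINS.has(origin)) {
    return { ok: false, reason: "origin" };
  }
  // Non-browser local clients can send any Origin, so a secret is required
  // too. The browser WebSocket API cannot set headers, hence the query string.
  const token = new URL(req.url, "ws://127.0.0.1").searchParams.get("token") || "";
  if (!constantTimeEqual(token, sessionToken)) {
    return { ok: false, reason: "token" };
  }
  return { ok: true, reason: null };
}

// Constructed handshakes: a foreign web page, the UI without a token, the UI.
const SAMPLE_TOKEN = "c0ffee".repeat(8);
const SAMPLES = [
  { headers: { origin: "https://attacker.example" }, url: "/?token=" + SAMPLE_TOKEN },
  { headers: { origin: "app://local-ui" }, url: "/" },
  { headers: { origin: "app://local-ui" }, url: "/?token=" + SAMPLE_TOKEN },
];

function runSamples() {
  return SAMPLES.map((req) => verifyUpgrade(req, SAMPLE_TOKEN).reason);
}

console.log(runSamples()); // one reason per sample; null means accepted
```

The check belongs in the HTTP server's upgrade handling, before any data from the socket is passed to the terminal process.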
Keep in mind that this project is in maintenance mode: from now on, only bug fixes and dependency updates will be made. No new features will be added, so don't expect new features in eDEX-UI any time soon, except ones that really need to be added.
2.3.x will be an LTS release. Electron will be updated roughly every few minor releases (and on breaking API changes or major vulnerabilities in Electron) if needed, to at least keep security tight.
Sponsor
Want to help support my open-source projects?
Click the Sponsor button to sponsor my open-source projects.
Changelog
- e571e09 feat (SECURITY) address vulnerability also known as CVE-2023-30856 (https://nvd.nist.gov/vuln/detail/CVE-2023-30856)