跳到主内容

Chromium RCE Vulnerability Fix

· 阅读时间 1 分钟

A remote code execution vulnerability has been discovered in Google Chromium that affects all recent versions of Electron. 访问 远程内容的任何Electron应用都易受此开发利用的伤害,不管 沙盒选项 是否启用。

We've published two new versions of electron 1.7.8 and 1.6.14, both of which include a fix for this vulnerability. We urge all Electron developers to update their apps to the latest stable version immediately:

npm i electron@latest --save-dev

要了解更多关于维护您的 Electron 应用安全的最佳做法, 请参阅我们的 安全教程

Please contact security@electronjs.org if you wish to report a vulnerability in Electron.