A High severity vulnerability has been discovered in Chrome which affects all software based on Chromium, including Electron.
This vulnerability has been assigned
CVE-2019-13720. 您可以在 Chrome 博客文章 中阅读更多关于它的信息。
Please note that Chrome has reports of this vulnerability being used in the wild so it is strongly recommended you upgrade Electron as soon as possible.
Affected apps should upgrade to a patched version of Electron.
We've published new versions of Electron which include fixes for this vulnerability:
Electron 7.0.1 automatically included the fix from upstream, before the announcement was made. Electron 8 is similarly unaffected. The vulnerability did not exist in Electron 5, so that version is also unaffected.
要了解更多关于维护您的 Electron 应用安全的最佳做法，请参阅我们的 安全教程。
If you wish to report a vulnerability in Electron, email firstname.lastname@example.org.