CRITICAL

GHSA-q6m5-f73j-m9mc

Electron: Buffer performs incorrect byte length calculations resulting in heap buffer under/overflow

Details

### Impact Most apps will crash and some may perform incorrect buffer allocations in the Node.js `Buffer` API resulting in unexpected truncation or allocation.

### Workarounds No workarounds. Do not use these impacted Electron releases

### Fixed Versions * `42.3.3`

### For more information If you have any questions or comments about this advisory, email us at [security@electronjs.org](mailto:security@electronjs.org)

Are you affected?

Enter the version of the package you're using.

Affected packages

npm / electron

Introduced in: 42.3.1 Fixed in: 42.3.3

Fix npm install electron@42.3.3

References

https://github.com/electron/electron/security/advisories/GHSA-q6m5-f73j-m9mc [WEB]
https://github.com/electron/electron [PACKAGE]