electron-packager is a command line tool that packages Electron source code into .app and .exe packages. along with Electron. The –strict-ssl command line option in electron-packager >= 5.2.1 <= 6.0.0 || >=6.0.0 <= 6.0.2 defaults to false if not explicitly set to true. This could allow an attacker to perform a man in the middle attack.
electron-packager is a command line tool that packages Electron source code into .app and .exe packages. along with Electron. - The –string-ssl command line option defaults to false if not explicitly set to true This could allow an attacker to Man In The Middle (MITM) the step where electron-packager does the following step: "Download all supported target platforms and arches of Electron using the installed electron-prebuilt version (and cache the …