GMS-2017-249: Chromium Remote Code Execution

September 28, 2017

A remote code execution vulnerability has been discovered in Google Chromium that affects all recent versions of Electron. Any Electron app that accesses remote content is vulnerable to this exploit, regardless of whether the sandbox option is enabled.

References

electron.atom.io/blog/2017/09/27/chromium-rce-vulnerability-fix

Detect and mitigate GMS-2017-249 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →