Nornagon

Name of the Vulnerable Software and Affected Versions: Electron versions prior to 9.4.0 Electron versions prior to 10.2.0 Electron versions prior to 11.1.0 Electron versions prior to 12.0.0-beta.9 Description: IPC messages sent from the main process to a subframe in the renderer process, through `webContents.sendToFrame`, `event.reply`, or when using the `remote` module, can in some cases be delivered to the wrong frame. If an app uses `remote`, calls `webContents.sendToFrame`, or calls `event.reply` in an IPC message handler, then it is impacted by this issue. Recommendations: For versions prior to 9.4.0, update to version 9.4.0 or later. For versions prior to 10.2.0, update to version 10.2.0 or later. For versions prior to 11.1.0, update to version 11.1.0 or later. For versions prior to 12.0.0-beta.9, update to version 12.0.0-beta.9 or later. As a temporary workaround, consider avoiding the use of `remote`, `webContents.sendToFrame`, and `event.reply` in IPC message handlers until a patch is applied.