CVE-2024-29900

Name of the Vulnerable Software and Affected Versions Electron Packager versions prior to 18.3.1

Description A random segment of ~1-10kb of Node.js heap memory allocated either side of a known buffer will be leaked into the final executable. This memory could contain sensitive information such as environment variables, secrets files, etc.

Recommendations For versions prior to 18.3.1, update to version 18.3.1 to resolve the issue. As a temporary workaround, consider avoiding the use of sensitive information in the application source code until the update is applied.