search

Stapxs / Stapxs-QQ-Lite-2.0

一个兼容 OneBot 协议的非官方网页版 QQ 客户端、electron 客户端。
https://stapxs.github.io/Stapxs-QQ-Lite-2.0/
Apache License 2.0
414 stars 34 forks source link

[ 提醒 ] CVE-2023-4357 任意文件读取漏洞提醒 #77

Closed Stapxs closed 3 months ago

Stapxs commented 8 months ago

总之就是要更新一下 electron 的版本

https://github.com/advisories/GHSA-6cx7-2m7q-5fh3

Stapxs commented 3 months ago

d5acaa963dfcf5faf023a7a00cc85ecf4bdd4aaa

electron: 20.0.0 > 27.0.0 vue-cli-plugin-electron-builder: 2.1.1 > 3.0.0-alpha.4