Open grafanauser opened 1 year ago
Hello @grafanauser and thanks for reporting the issue. This was already reported in #104, the main issue being the lack of a stable & quick source for the vulnerability database. The solution right now would be re-writing the check to iterate all the releases (https://github.com/electron/electron/releases.atom) checking for the presence of "CVE", "Security", etc. in the body of the relase. This would be quite slow and not ideal so we'll need some support from the Electron team (#104).
Alternatively you can find a complete database of Electron vulnerabilities for all versions with descriptions and PoCs in ElectroNG if you need.
I use electron 25.2.0. I get this error message: "Unknown Electron release "25.2.x", please check manually for available security fixes."
Will there be an update for new electron versions or is this tool deprecated?