You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
electron package versions <18.3.7 suffer from a security vulnerability: "Exfiltration of hashed SMB credentials on Windows via file:// redirect".
See GHSA-p2jh-44qj-pf2v
Solution
Upgrade electron dependency in react-devtools to >18.3.7
How often does this bug happen?
Every time
DevTools package (automated)
No response
DevTools version (automated)
No response
Error message (automated)
No response
Error call stack (automated)
No response
Error component stack (automated)
No response
GitHub query string (automated)
No response
The text was updated successfully, but these errors were encountered:
…#26337)
## Summary
resolves#25667
This PR also resolves several security issues in the standalone app
## How did you test this change?
Tested locally `yarn start` in react-devtools package. Everything works
normal
---
- To see the specific tasks where the Asana app for GitHub is being
used, see below:
- https://app.asana.com/0/0/1204123419819195
Website or app
https://github.com/facebook/react/blob/main/packages/react-devtools/package.json
Repro steps
Issue
electron package versions <18.3.7 suffer from a security vulnerability: "Exfiltration of hashed SMB credentials on Windows via file:// redirect".
See GHSA-p2jh-44qj-pf2v
Solution
Upgrade electron dependency in react-devtools to >18.3.7
How often does this bug happen?
Every time
DevTools package (automated)
No response
DevTools version (automated)
No response
Error message (automated)
No response
Error call stack (automated)
No response
Error component stack (automated)
No response
GitHub query string (automated)
No response
The text was updated successfully, but these errors were encountered: