VYPR
Medium severity4.3NVD Advisory· Published Jan 2, 2018· Updated Jun 17, 2026

CVE-2017-1000424

CVE-2017-1000424

Description

Github Electron version 1.6.4 - 1.6.11 and 1.7.0 - 1.7.5 is vulnerable to a URL Spoofing problem when opening PDFs in PDFium resulting loading arbitrary PDFs that a hacker can control.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
electronnpm
>= 1.7.0, < 1.7.61.7.6

Affected products

1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.