Tauri 2.0.0 Alpha 1

CPE Details

Tauri 2.0.0 Alpha 1
tauri
tauri
2.0.0
2023-09-28
09h09 +00:00
2023-09-28
09h09 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:tauri:tauri:2.0.0:alpha1:*:*:*:*:*:*

Informations

Vendor

tauri

Product

tauri

Version

2.0.0

Update

alpha1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-46171 2022-12-23 13h47 +00:00 Tauri is a framework for building binaries for all major desktop platforms. The filesystem glob pattern wildcards `*`, `?`, and `[...]` match file path literals and leading dots by default, which unintentionally exposes sub folder content of allowed paths. Scopes without the wildcards are not affected. As `**` allows for sub directories the behavior there is also as expected. The issue has been patched in the latest release and was backported into the currently supported 1.x branches. There are no known workarounds at the time of publication.
7.7
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.