Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Tauri vulnerable to path traversal
Vulnerability Description
Tauri is a framework for building binaries for all major desktop platforms. The filesystem glob pattern wildcards `*`, `?`, and `[...]` match file path literals and leading dots by default, which unintentionally exposes sub folder content of allowed paths. Scopes without the wildcards are not affected. As `**` allows for sub directories the behavior there is also as expected. The issue has been patched in the latest release and was backported into the currently supported 1.x branches. There are no known workarounds at the time of publication.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Tauri 路径遍历漏洞
Vulnerability Description
Tauri是Tauri开源的一个使用 Web 前端构建更小、更快、更安全的桌面应用程序。 Tauri存在路径遍历漏洞。攻击者利用该漏洞获取路径的子文件夹内容。
CVSS Information
N/A
Vulnerability Type
N/A