mhfan / inyew

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate `inyew`

Dependencies

(9 total, all up-to-date)

Crate	Required	Latest	Status
yew	`^0.21`	`0.21.0`	up to date
yew-router	`^0.18`	`0.18.0`	up to date
wasm-logger	`^0.2`	`0.2.0`	up to date
wasm-bindgen	`^0.2`	`0.2.92`	up to date
log	`^0.4`	`0.4.21`	up to date
rand	`^0.8`	`0.8.5`	up to date
instant	`^0.1`	`0.1.13`	up to date
getrandom	`^0.2`	`0.2.15`	up to date
web-sys	`^0.3`	`0.3.69`	up to date

Crate `intauri`

Dependencies

(3 total, 1 possibly insecure)

Crate	Required	Latest	Status
serde_json	`^1.0`	`1.0.117`	up to date
serde	`^1.0`	`1.0.202`	up to date
tauri ⚠️	`^1.1`	`1.6.6`	maybe insecure

Build dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
tauri-build	`^1.1`	`1.5.2`	up to date

Security Vulnerabilities

`tauri`: `tauri` filesystem scope partial bypass

RUSTSEC-2022-0091

A bug identified in this issue allows a partial filesystem scope bypass if glob characters are used within file dialog or drag-and-drop functionalities.

This PR fixes the issue by escaping glob characters.

mhfan / inyew

Crate inyew

Dependencies

Crate intauri

Dependencies

Build dependencies

Security Vulnerabilities

tauri: `tauri` filesystem scope partial bypass

Crate `inyew`

Crate `intauri`

`tauri`: `tauri` filesystem scope partial bypass