A bug identified in this issue allows a partial filesystem scope bypass if glob characters are used within file dialog or drag-and-drop functionalities.
This PR fixes the issue by escaping glob characters.
This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.
tauri-plugin-nosleep(4 total, 1 possibly insecure)
| Crate | Required | Latest | Status |
|---|---|---|---|
| tauri ⚠️ | ^1.0.0-rc.8 | 1.6.2 | maybe insecure |
| serde | ^1.0 | 1.0.199 | up to date |
| thiserror | ^1.0 | 1.0.59 | up to date |
| nosleep | ^0.2.1 | 0.2.1 | up to date |