Tauri · Tauri Shell Plugin · CVE-2025-31477
**Name of the Vulnerable Software and Affected Versions**
Tauri shell plugin versions prior to 2.2.1
**Description**
The Tauri shell plugin exposes functionality to execute code and open programs on the system. Due to improper validation of allowed protocols, potentially dangerous protocols such as `file://`, `smb://`, or `nfs://` can be opened by the protocol handler registered on the system. This can be abused to gain remote code execution on the system by passing untrusted user input to the `open` endpoint. Exploitation requires either direct exposure of the endpoint to application users or code execution in the frontend of a Tauri application.
**Recommendations**
Update to version 2.2.1 to fix this issue. As a temporary workaround, consider restricting access to the `open` endpoint to minimize the risk of exploitation. Avoid passing untrusted user input to the `open` endpoint until the issue is resolved.
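The temporary workaround above amounts to not letting arbitrary user-controlled values reach the `open` endpoint. The following Rust snippet is an added example, not code from Tauri or the shell plugin, of the kind of scheme allowlist an application could apply before calling `open`: the function name `is_allowed_open_target` and the `ALLOWED_SCHEMES` list are assumptions chosen for illustration, and the allowed set should be narrowed to what the application actually needs. It rejects the protocols named in the description, refuses input without a recognisable scheme (which the OS would otherwise route to a guessed handler), and treats case and surrounding whitespace defensively so that `FILE://` or a leading space cannot slip past the check.

```rust
// Added example (not Tauri's or the shell plugin's own code): a scheme
// allowlist to apply to any user-controlled value before it is passed to a
// shell "open" endpoint. ALLOWED_SCHEMES is an illustrative assumption.
const ALLOWED_SCHEMES: &[&str] = &["http", "https", "mailto"];

/// Extract the URI scheme as defined by RFC 3986:
/// ALPHA *(ALPHA / DIGIT / "+" / "-" / ".") followed by ":".
/// Returns None when the input has no syntactically valid scheme.
fn extract_scheme(input: &str) -> Option<String> {
    let colon = input.find(':')?;
    let candidate = &input[..colon];
    let mut chars = candidate.chars();
    let first = chars.next()?;
    if !first.is_ascii_alphabetic() {
        return None;
    }
    if !chars.all(|c| c.is_ascii_alphanumeric() || matches!(c, '+' | '-' | '.')) {
        return None;
    }
    // Normalise case so "FILE://" and "file://" are treated the same.
    Some(candidate.to_ascii_lowercase())
}

/// Decide whether a value may be handed to the open endpoint.
pub fn is_allowed_open_target(input: &str) -> bool {
    // Refuse control characters and surrounding whitespace outright instead of
    // trimming: a trimmed value would be checked differently from the value the
    // OS eventually receives.
    if input.chars().any(|c| c.is_control()) || input != input.trim() {
        return false;
    }
    match extract_scheme(input) {
        Some(scheme) => ALLOWED_SCHEMES.contains(&scheme.as_str()),
        // No scheme at all (bare host, relative path, "//host/share"): the OS
        // would pick a handler for us, so refuse rather than guess.
        None => false,
    }
}

fn main() {
    // Constructed sample inputs covering the protocols named in the advisory.
    for target in [
        "https://example.com/docs",
        "FILE:///etc/hosts",
        "smb://server/share",
        "nfs://server/export",
        " https://example.com",
        "example.com",
    ] {
        println!("{:<24} allowed={}", target, is_allowed_open_target(target));
    }
}
```

In a Tauri application this check belongs on the Rust side, next to whatever command wraps the `open` call, so that a compromised frontend cannot bypass it; the frontend-side copy of the same check is a usability aid, not a security boundary.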