Tauri · Tauri · CVE-2023-34460
**Name of the Vulnerable Software and Affected Versions**
Tauri versions 1.4.0
**Description**
The issue is related to a regression in the Filesystem scope check for dotfiles on Unix systems, introduced in the 1.4.0 release. This regression affects Tauri applications using wildcard scopes in the `fs` endpoint, allowing implicit access to dotfiles. The problem can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected information.
**Recommendations**
For Tauri version 1.4.0, update to version 1.4.1 to resolve the issue.
As a temporary workaround, consider restricting access to the `fs` endpoint until the update is applied.