Weakness

The finding can not be directly abused but can aid in vulnerabilities and their escalation. Additionally these findings can cause vulnerabilities in future versions of the application, or the logic can be easily misunderstood by developers and users.

Example: The application performs string interpolation to construct a partial user controlled url. The user input is filtered to a reasonable degree but future changes to the construction are prone to allow for url manipulation.

• Improper Tauri Security Configuration

• Vulnerable Cargo crates

• Improper Allowlist Configuration

• Improper Github Workflow Trigger Validation

• Dependencies Telemetry Data is not Disabled

• Vulnerable NPM Dependencies