VYPR
Low severity · NVD Advisory · Published Nov 10, 2022 · Updated Apr 23, 2025

Tauri Filesystem Scope can be Partially Bypassed

CVE-2022-41874

Description

Tauri is a framework for building binaries for all major desktop platforms. In versions prior to 1.0.7 and 1.1.2, Tauri is vulnerable to an Incorrectly-Resolved Name. Due to incorrect escaping of special characters in paths selected via the file dialog and drag-and-drop functionality, it is possible to partially bypass the fs scope definition. It is not possible to traverse into arbitrary paths, as the issue is limited to neighboring files and subfolders of already allowed paths. The impact differs on Windows, macOS and Linux due to different specifications of valid path characters. This bypass depends on the file picker dialog or dragged files, as user-selected paths are automatically added to the allow list at runtime. A successful bypass requires the user to select a pre-existing malicious file or directory during the file picker dialog and adversary-controlled logic to access these files. The issue has been patched in versions 1.0.7, 1.1.2 and 1.2.0. As a workaround, disable the dialog and fileDropEnabled component inside the tauri.conf.json.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Tauri before 1.0.7/1.1.2 incorrectly escapes special characters in file paths, allowing partial filesystem scope bypass via file dialog or drag-and-drop.

Vulnerability

Overview

Tauri versions prior to 1.0.7 and 1.1.2 contain an Incorrectly-Resolved Name vulnerability due to improper escaping of special characters in paths selected through the file dialog or drag-and-drop functionality [1][4]. The bug lies in how the framework handles path strings when adding user-selected files or directories to the runtime allow list. Special characters such as *, **, and character classes like [a-Z] were not escaped, making it possible to partially bypass the fs scope definition [4]. The issue is limited to neighboring files and subdirectories of already allowed paths; full directory traversal is not achievable [1].

Exploitation

Prerequisites

Exploitation requires both user interaction and adversary-controlled logic to access the bypassed files. The attacker must convince the user to select a pre-existing malicious file or directory through the file picker dialog or via a dragged file, as those user-selected paths are automatically added to the allow list at runtime [1][4]. The impact varies across platforms due to different valid path characters: on Linux and macOS, the *, **, and [a-Z] patterns can be used to read subdirectory contents or single-character files; on Windows, only [a-Z] works since * is not a valid path component [4]. This means, for example, that on Windows a user might inadvertently allow access to all single-character files in an already allowed directory.

Impact

A successful bypass allows an attacker to read the content of subdirectories and single-character files that are within the same folder as an already allowed path, but not traverse into arbitrary directories [1][4]. The CVSS score for this issue is 2.3 (Low), reflecting the high attack complexity, required user interaction, and limited confidentiality impact [3]. The vulnerability does not enable modification or deletion of files, only unauthorized reading [3].

Mitigation

The issue has been patched in Tauri versions 1.0.7, 1.1.2, and 1.2.0 [1][4]. As a workaround, users can disable the dialog and fileDropEnabled component in the tauri.conf.json configuration file [1][4]. The patch ensures that special characters in user-selected paths are properly escaped before being added to the allow list [4].
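The following is an added example, not code from Tauri or from this advisory. It models the mechanism described in the Overview, Exploitation and Mitigation sections above: a scope allow list made of glob patterns, to which paths chosen in a file dialog or dropped onto the window are appended at runtime. The glob-to-regex translator is hand-written for the example (Tauri itself uses a glob crate; only the escaping behaviour is what matters here), the `/home/u/docs` layout is constructed, and the file named `[a-z]` is a stand-in for the page's `[a-Z]` class, whose range semantics differ between glob implementations. On Windows `*` cannot be a directory name, so there only the character-class case applies, exactly as the Exploitation section states.

```python
"""Model of a Tauri-style fs scope allow list built from user-selected paths."""
import re
from glob import escape as glob_escape  # same escaping idea as the fix: wrap metachars in [...]
from typing import Dict, List, Optional


def glob_to_regex(pattern: str) -> "re.Pattern[str]":
    """Translate a restricted glob into an anchored regex.

    Supported: ``*`` (any run of non-separator chars), ``**`` (anything,
    separators included), ``?`` (one non-separator char) and ``[...]``
    character classes. Everything else is matched literally.
    """
    out: List[str] = []
    i, n = 0, len(pattern)
    while i < n:
        c = pattern[i]
        if c == "*":
            if pattern.startswith("**", i):
                out.append(".*")
                i += 2
            else:
                out.append("[^/]*")
                i += 1
        elif c == "?":
            out.append("[^/]")
            i += 1
        elif c == "[" and (j := pattern.find("]", i + 1)) > i + 1:
            body = pattern[i + 1 : j]
            # Keep '-' so ranges such as a-z survive; escape every other char.
            out.append("[" + "".join(ch if ch == "-" else re.escape(ch) for ch in body) + "]")
            i = j + 1
        else:
            out.append(re.escape(c))
            i += 1
    return re.compile("^" + "".join(out) + "$")


class FsScope:
    """Allow list of glob patterns; user selections are appended at runtime."""

    def __init__(self, allow: Optional[List[str]] = None, escape_user_paths: bool = True) -> None:
        # escape_user_paths=False models the pre-1.0.7 / pre-1.1.2 behaviour
        # (hypothetical switch for the demo, not a real Tauri option).
        self.escape_user_paths = escape_user_paths
        self._patterns = [glob_to_regex(p) for p in (allow or [])]

    def allow_user_selection(self, path: str, is_dir: bool = False) -> None:
        """Add a path chosen in the file dialog or dropped onto the window."""
        p = glob_escape(path) if self.escape_user_paths else path
        self._patterns.append(glob_to_regex(p))
        if is_dir:
            # A selected directory also grants its whole subtree.
            self._patterns.append(glob_to_regex(p + "/**"))

    def is_allowed(self, path: str) -> bool:
        return any(r.match(path) for r in self._patterns)


def demo() -> Dict[str, bool]:
    """Constructed scenario: under /home/u/docs the user picks a directory
    literally named '*' and, separately, a file literally named '[a-z]'."""
    star_dir = "/home/u/docs/*"
    class_file = "/home/u/docs/[a-z]"
    results: Dict[str, bool] = {}
    for label, escape in (("vulnerable", False), ("fixed", True)):
        scope = FsScope(escape_user_paths=escape)
        scope.allow_user_selection(star_dir, is_dir=True)
        scope.allow_user_selection(class_file)
        # Intended grants: the selection itself and its contents.
        results[f"{label}_selected_dir_content"] = scope.is_allowed("/home/u/docs/*/notes.txt")
        results[f"{label}_selected_file"] = scope.is_allowed("/home/u/docs/[a-z]")
        # Neighbours of the selection: readable only when escaping is missing.
        results[f"{label}_neighbour_file"] = scope.is_allowed("/home/u/docs/secret.txt")
        results[f"{label}_neighbour_subdir"] = scope.is_allowed("/home/u/docs/private/report.pdf")
        results[f"{label}_single_char_file"] = scope.is_allowed("/home/u/docs/k")
        # Outside the selection's parent: never granted, matching the advisory's limit.
        results[f"{label}_outside_parent"] = scope.is_allowed("/home/u/other/report.pdf")
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key:32} {value}")
```

The unescaped `/home/u/docs/*` becomes a wildcard that admits every sibling, and `/home/u/docs/*/**` admits every sibling's subtree; the escaped `/home/u/docs/[*]` matches only the directory actually named `*`. Neither variant ever reaches `/home/u/other`, which is why the advisory describes the bypass as partial.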

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package              Affected versions      Patched versions
Tauri (crates.io)    >= 1.0.0, < 1.0.7      1.0.7
Tauri (crates.io)    >= 1.1.0, < 1.1.2      1.1.2

Affected products

  • ghsa-coords
    Range: >= 1.0.0, < 1.0.7
  • tauri-apps/tauri v5
    Range: >= 1.0.0, < 1.0.7
