Information Disclosure

@tauri-apps/cli is vulnerable to Information Disclosure. This vulnerability is due to a commonly used misconfiguration which leads to the leakage of the private key and updater key password. If envPrefix: 'VITE', 'TAURI', was pasted from the documentation into vite.config.ts, the TAURIPRIVATEKEY...

pake-cli (>=2.0.7 <=2.0.7-beta3) potentially affected by CVE-2023-46115 via @tauri-apps/cli (=1.3.1)

@tauri-apps/cli NPM version =1.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on @tauri-apps/cli and may be impacted: - pake-cli =2.0.7, =2.0.7-beta3 Source cves: CVE-2023-46115 Source advisory: OSV:GHSA-2RCP-JVR4-R259...