Files or Directories Accessible to External Parties
Overview Affected versions of this package are vulnerable to Files or Directories Accessible to External Parties via the signing verification process, allowing an attacker to replace an existing signed update with another payload and bypass Sparkle’s EdDSA signing checks. Remediation Upgrade...