CVE-2020-35883
CVE-2020-35883 affects the Rust crate mozwire (through 2020-08-18). A directory traversal flaw in a parameter used to form local file paths allows overwriting files ending in .conf. Root cause: improper sanitization of user-controlled path data, enabling traversal via "../" sequences. Documented ...