CVE-2023-41057
Hyper-bump-it contains a Path Traversal vulnerability due to not checking that the globbed files reside under the project root. The code joins project root with a config-supplied string to build the target path, which can cause edits to files outside the project. The issue is fixed in release v0....