Open Redirect in Tauri-apps Tauri
CVE-2023-31134
Tauri is software for building applications for multi-platform deployment. The Tauri IPC is usually strictly isolated from external websites, but in versions 1.0.0 until 1.0.9, 1.1.0 until 1.1.4, and 1.2.0 until 1.2.5, the isolation can be…
Vulnerability class: Open Redirect
EPSS: 0.003 (55.9th percentile).
CVSS v3 metric
CVSS v3 base score 4.8 (Medium). Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N.
Affected products
- Tauri-apps Tauri, versions >= 1.0.0, < 1.0.9; >= 1.1.0, < 1.1.4; >= 1.2.0, < 1.2.5
Weakness classification (CWE)
References
- https://github.com/tauri-apps/tauri/security/advisories/GHSA-4wm2-cwcf-wwvp (x_refsource_CONFIRM)
- https://github.com/tauri-apps/tauri/releases/tag/tauri-v1.0.9 (x_refsource_MISC)
- https://github.com/tauri-apps/tauri/releases/tag/tauri-v1.1.4 (x_refsource_MISC)
- https://github.com/tauri-apps/tauri/releases/tag/tauri-v1.2.5 (x_refsource_MISC)
- https://www.github.com/tauri-apps/tauri/commit/58ea0b45268dbd46cbac0ebb0887353d057ca767 (x_refsource_MISC)
- https://www.github.com/tauri-apps/tauri/commit/fa90214b052b1a5d38d54fbf1ca422b4c37cfd1f (x_refsource_MISC)
Frequently asked questions
- What is CVE-2023-31134?
- CVE-2023-31134 is a medium-severity vulnerability in Tauri-apps Tauri, classified under URL Redirection to Untrusted Site (Open Redirect). CVSS score: 4.8/10. Published 2023-05-09.
- How severe is CVE-2023-31134?
- Medium severity. CVSS v3 base score is 4.8 out of 10.