CVE-2019-12137

Typora 0.9.9.24.6 on macOS allows directory traversal, for execution of arbitrary programs, via a file:/// or ../ substring in a shared note.

Date published : 2019-05-16

http://packetstormsecurity.com/files/153082/Typora-0.9.9.24.6-Directory-Traversal.html

https://github.com/typora/typora-issues/issues/2505