CVE-2020-25265

Опубликовано: 02 дек. 2020

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components.

Ссылки

https://github.com/refi64/CVE-2020-25265-25266
Third Party Advisory
https://github.com/refi64/CVE-2020-25265-25266
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:appimage:libappimage:*:*:*:*:*:*:*:*

Версия до 1.0.3 (исключая)

EPSS

Процентиль: 93%

0.09185

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2020-25265

CVSS3: 6.5

ubuntu

около 5 лет назад

AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components.

CVE-2020-25265

CVSS3: 6.5

debian

около 5 лет назад

AppImage libappimage before 1.0.3 allows attackers to trigger an overw ...

GHSA-pfgx-f7x8-8985

github

больше 3 лет назад

AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components.

EPSS

Процентиль: 93%

0.09185

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

NVD-CWE-noinfo