CVE-2020-25265

Опубликовано: 02 дек. 2020

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

CVSS3: 6.5

Описание

AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components.

Релиз	Статус	Примечание
bionic	DNE
devel	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needs-triage
groovy	ignored	end of life
hirsute	ignored	end of life
impish	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 91%

0.06818

Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2020-25265

CVSS3: 6.5

nvd

около 5 лет назад

AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components.

CVE-2020-25265

CVSS3: 6.5

debian

около 5 лет назад

AppImage libappimage before 1.0.3 allows attackers to trigger an overw ...

GHSA-pfgx-f7x8-8985

github

больше 3 лет назад

AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components.

EPSS

Процентиль: 91%

0.06818

Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

CVE-2020-25265

Описание

Пакет libappimage

Ссылки на источники

Связанные уязвимости