CVE-2020-25266

Published December 2nd, 2020

View on NVD ↗

CVSS v3

5.5

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

AppImage appimaged before 1.0.3 does not properly check whether a downloaded file is a valid appimage. For example, it will accept a crafted mp3 file that contains an appimage, and install it.

refi64/CVE-2020-25265-25266

GitHub