AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components.
{ "binaries": [ { "binary_name": "libappimage-dev", "binary_version": "0.1.9+dfsg-1" }, { "binary_name": "libappimage0", "binary_version": "0.1.9+dfsg-1" } ] }
{ "binaries": [ { "binary_name": "libappimage-dev", "binary_version": "0.1.10+dfsg-0ubuntu1" }, { "binary_name": "libappimage0", "binary_version": "0.1.10+dfsg-0ubuntu1" } ] }
{ "binaries": [ { "binary_name": "libappimage-dev", "binary_version": "1.0.4-5-3.1ubuntu2" }, { "binary_name": "libappimage1.0abi1t64", "binary_version": "1.0.4-5-3.1ubuntu2" } ] }
{ "binaries": [ { "binary_name": "libappimage-dev", "binary_version": "1.0.4-5-4ubuntu1" }, { "binary_name": "libappimage1.0abi1t64", "binary_version": "1.0.4-5-4ubuntu1" } ] }