Mcv

Rank #34097 of 53,630 · Total CVSS 7.7 · Vulnerabilities: 1
PT-2022-15033 · CVSS 7.7 · 2022-01-13 · Flatpak · Flatpak · CVE-2022-21682
**Name of the Vulnerable Software and Affected Versions**

Flatpak versions prior to 1.12.3 and 1.10.6.

**Description**

A path traversal issue affects Flatpak, a Linux application sandboxing and distribution framework. `flatpak-builder` applies `finish-args` as the last step of the build. From that point on, the build directory carries the full permissions specified in the manifest, so any `flatpak build` run against it gains those permissions. Normally nothing is run against the directory after finalization, so this is not a problem. However, if `--mirror-screenshots-url` is specified, `flatpak-builder` launches `flatpak build --nofilesystem=host appstream-util mirror-screenshots` after finalization, which can lead to issues even with the `--nofilesystem=host` protection. In normal use the only consequence is that empty directories can be created wherever the user has write permissions. However, a malicious application could replace the `appstream-util` binary that this step executes and do something more hostile with the permissions the build has been granted.

**Recommendations**

For versions prior to 1.12.3, update to version 1.12.3 or later. For versions prior to 1.10.6, update to version 1.10.6 or later. As a temporary workaround, avoid the `--mirror-screenshots-url` option until the update has been applied. Because the `appstream-util` executed by this step comes from the application being built, only build manifests from trusted sources on unpatched versions.
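The following Python pre-build guard is an added example, not code from the Flatpak project or this advisory. It turns the description above into a check a CI job can run before invoking `flatpak-builder`: it parses the installed version (the `Flatpak x.y.z` line printed by `flatpak --version`), decides whether that release predates the fix on its branch, detects `--mirror-screenshots-url` on the planned command line, and lists the `--filesystem=` grants in the manifest's `finish-args` that the post-finalization mirror step would inherit. Assumptions not stated by the advisory: branches older than 1.10 and the 1.11.x development series are treated as unfixed, branches newer than 1.12 as fixed; the manifest and command line are constructed samples.

```python
"""Pre-build guard for CVE-2022-21682.

Added example, not Flatpak project code. Decides whether a planned
flatpak-builder invocation would trigger the vulnerable post-finalization
mirror step on the installed Flatpak version, and lists the --filesystem
grants from the manifest's finish-args that such a step would inherit.
"""
import json
import re
import shlex

# First fixed release per stable branch (from the advisory).
FIXED_IN = {(1, 12): (1, 12, 3), (1, 10): (1, 10, 6)}


def parse_version(text):
    """Extract a (major, minor, patch) tuple from e.g. 'Flatpak 1.12.2'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError("no x.y.z version in %r" % text)
    return tuple(int(part) for part in m.groups())


def is_vulnerable(version_text):
    """True if this Flatpak version predates the fix on its branch.

    Assumptions (not stated by the advisory): every branch older than 1.10
    is unfixed, the 1.11.x development series never received a backport,
    and every branch newer than 1.12 was released after the fix.
    """
    v = parse_version(version_text)
    branch = v[:2]
    if branch in FIXED_IN:
        return v < FIXED_IN[branch]
    return branch < (1, 12)


def filesystem_grants(manifest):
    """Return the values of all --filesystem= entries in finish-args."""
    grants = []
    for arg in manifest.get("finish-args", []):
        if arg.startswith("--filesystem="):
            grants.append(arg.split("=", 1)[1])
    return grants


def uses_mirror_screenshots(argv):
    """True if the flatpak-builder command line passes --mirror-screenshots-url."""
    return any(a == "--mirror-screenshots-url" or a.startswith("--mirror-screenshots-url=")
               for a in argv)


def assess(flatpak_version, argv, manifest):
    """Combine the three checks into a go/no-go decision."""
    vulnerable = is_vulnerable(flatpak_version)
    mirror = uses_mirror_screenshots(argv)
    grants = filesystem_grants(manifest)
    return {
        "vulnerable_version": vulnerable,
        "mirror_step": mirror,
        "inherited_filesystem_grants": grants,
        # Block only the dangerous combination: an unpatched flatpak plus the
        # option that makes flatpak-builder run 'flatpak build' after the
        # finish-args have already been applied.
        "blocked": vulnerable and mirror,
    }


# Constructed sample inputs (not taken from any real project).
SAMPLE_MANIFEST = json.loads("""
{
  "app-id": "org.example.Demo",
  "runtime": "org.freedesktop.Platform",
  "runtime-version": "21.08",
  "sdk": "org.freedesktop.Sdk",
  "command": "demo",
  "finish-args": [
    "--share=ipc",
    "--socket=wayland",
    "--filesystem=home",
    "--filesystem=xdg-download:ro"
  ],
  "modules": []
}
""")
SAMPLE_ARGV = shlex.split(
    "flatpak-builder --repo=repo "
    "--mirror-screenshots-url=https://example.org/screenshots "
    "build-dir org.example.Demo.json"
)

if __name__ == "__main__":
    for ver in ("Flatpak 1.12.2", "Flatpak 1.12.3"):
        print(ver, assess(ver, SAMPLE_ARGV, SAMPLE_MANIFEST))
```

The guard deliberately blocks only the combination the advisory describes (unpatched version plus `--mirror-screenshots-url`); a patched Flatpak with the same manifest and command line passes, and an unpatched Flatpak without the mirror option passes too, so the check does not get in the way of ordinary builds.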