Описание
NetHack before version 3.6.0 allowed malicious use of escaping of characters in the configuration file (usually .nethackrc) which could be exploited. This bug is patched in NetHack 3.6.0.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| nethack | fixed | 3.6.0-1 | package | |
| nethack | end-of-life | jessie | package |
Примечания
https://github.com/NetHack/NetHack/security/advisories/GHSA-2c7p-3fj4-223m
https://github.com/NetHack/NetHack/commit/612755bfb5c412079795c68ba392df5d93874ed8
EPSS
Процентиль: 28%
0.001
Низкий
Связанные уязвимости
CVSS3: 3.9
ubuntu
почти 6 лет назад
NetHack before version 3.6.0 allowed malicious use of escaping of characters in the configuration file (usually .nethackrc) which could be exploited. This bug is patched in NetHack 3.6.0.
CVSS3: 3.9
nvd
почти 6 лет назад
NetHack before version 3.6.0 allowed malicious use of escaping of characters in the configuration file (usually .nethackrc) which could be exploited. This bug is patched in NetHack 3.6.0.
EPSS
Процентиль: 28%
0.001
Низкий