Описание
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-11722
- https://github.com/crawl/crawl/commit/768f60da87a3fa0b5561da5ade9309577c176d04
- https://github.com/crawl/crawl/commit/fc522ff6eb1bbb85e3de60c60a45762571e48c28
- https://dpmendenhall.blogspot.com/2020/03/dungeon-crawl-stone-soup.html
- http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00037.html
EPSS
Процентиль: 87%
0.03645
Низкий
CVE ID
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 5 лет назад
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
CVSS3: 9.8
nvd
больше 5 лет назад
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
CVSS3: 9.8
debian
больше 5 лет назад
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote ...
EPSS
Процентиль: 87%
0.03645
Низкий