Описание
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-11722
- https://github.com/crawl/crawl/commit/768f60da87a3fa0b5561da5ade9309577c176d04
- https://github.com/crawl/crawl/commit/fc522ff6eb1bbb85e3de60c60a45762571e48c28
- https://dpmendenhall.blogspot.com/2020/03/dungeon-crawl-stone-soup.html
- http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00037.html
EPSS
Процентиль: 88%
0.03645
Низкий
CVE ID
Связанные уязвимости
CVSS3: 9.8
ubuntu
почти 6 лет назад
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
CVSS3: 9.8
nvd
почти 6 лет назад
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
CVSS3: 9.8
debian
почти 6 лет назад
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote ...
EPSS
Процентиль: 88%
0.03645
Низкий