Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-1999023

Опубликовано: 23 июл. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 8.8

Описание

The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and player content.

РелизСтатусПримечание
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needed]
esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

Показывать по

РелизСтатусПримечание
bionic

released

1:1.12.6-1+deb9u1build0.18.04.1
cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-apps/bionic

released

1:1.12.6-1+deb9u1build0.18.04.1
esm-apps/xenial

needed

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

cosmic

not-affected

1:1.14.4-1
devel

DNE

disco

not-affected

1:1.14.4-1
eoan

not-affected

1:1.14.4-1
esm-apps/focal

not-affected

1:1.14.4-1
esm-infra-legacy/trusty

DNE

focal

not-affected

1:1.14.4-1
groovy

not-affected

1:1.14.4-1
hirsute

not-affected

1:1.14.4-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 62%
0.00425
Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2018-1999023

CVSS3: 8.8
nvd
больше 7 лет назад

The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and player content.

msrc логотип

CVE-2018-1999023

CVSS3: 8.8
msrc
больше 1 года назад

Описание отсутствует

debian логотип

CVE-2018-1999023

CVSS3: 8.8
debian
больше 7 лет назад

The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a ...

github логотип

GHSA-rv2w-5cww-2mqm

CVSS3: 8.8
github
больше 3 лет назад

The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and player content.

EPSS

Процентиль: 62%
0.00425
Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3