CVE-2020-11722
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-11722
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-11722.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2020-11722
- Related
- Published
- 2020-04-12T19:15:10Z
- Modified
- 2024-10-12T05:38:14.777171Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
- References
-
- https://dpmendenhall.blogspot.com/2020/03/dungeon-crawl-stone-soup.html
- https://github.com/crawl/crawl/commit/768f60da87a3fa0b5561da5ade9309577c176d04
- https://github.com/crawl/crawl/commit/fc522ff6eb1bbb85e3de60c60a45762571e48c28
- http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00037.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QLPN635S7J3MUXLIHYK6MDAHEIASFYP/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNXK7QE7EA7XSDDNOWX2A6MJNWOIYCTC/
- https://security-tracker.debian.org/tracker/CVE-2020-11722
Affected packages
Debian:11 / crawl
Package
- Name
- crawl
- Purl
- pkg:deb/debian/crawl?arch=source
Debian:12 / crawl
Package
- Name
- crawl
- Purl
- pkg:deb/debian/crawl?arch=source
Debian:13 / crawl
Package
- Name
- crawl
- Purl
- pkg:deb/debian/crawl?arch=source
Git / github.com/crawl/crawl
Affected ranges
- Type
- GIT
- Repo
- https://github.com/crawl/crawl
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixed
Affected versions
0.*
0.10-a0
0.10-b1
0.11-a0
0.11-b1
0.12-a0
0.12-b1
0.13-a0
0.13-b1
0.14-a0
0.14-b1
0.15-a0
0.15-b1
0.16-a0
0.16-b1
0.17-a0
0.18-a0
0.18-b1
0.19-a0
0.19-b1
0.2-a0
0.20-a0
0.20-b1
0.21-a0
0.21-b1
0.22-a0
0.22-b1
0.23-a0
0.23-b1
0.24-a0
0.24-b1
0.25-a0
0.3-a0
0.4-a0
0.5-a0
0.6.0
0.6.0-a0
0.6.0-a1
0.6.0-a2
0.6.0-rc1
0.6.0-rc2
0.6.0-rc3
0.6.0-rc4
0.6.0.1
0.7.0-a0
0.7.0-a1
0.8.0-a0
0.8.0-a1
0.9-a1
0.9-b1
0.9.0-a0