CVE-2020-11722
CRITICAL9.8EPSS 3.6%Published: 4/12/2020Modified: 4/28/2026
Description
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
Affected packages (1)
- Debian/crawlfrom 0, < 2:0.25.0-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |