CVE-2020-5253
CRITICAL9.8EPSS 0.21%Published: 3/10/2020Modified: 4/28/2026
Description
NetHack before version 3.6.0 allowed malicious use of escaping of characters in the configuration file (usually .nethackrc) which could be exploited. This bug is patched in NetHack 3.6.0.
Affected packages (1)
- Debian/nethackfrom 0, < 3.6.0-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |