PT-2020-12808 · Dungeon Crawl Stone Soup Developers+4 · Dungeon Crawl Stone Soup+4

Aidanholm

Published

2020-04-12

Updated

2026-01-19

CVE-2020-11722

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dungeon Crawl Stone Soup versions prior to 0.25

Description The issue allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.

Recommendations For versions prior to 0.25, update to version 0.25 or later to resolve the issue.

Fix

RCE

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

ALT-PU-2021-1634

ALT-PU-2024-13586

CVE-2020-11722

MGASA-2020-0190

OPENSUSE-SU-2020:0549-1

OPENSUSE-SU-2020_0549-1

OPENSUSE-SU-2024:10698-1

USN-7969-1

Alt Linux

Dungeon Crawl Stone Soup

Linuxmint

Suse

Ubuntu