vulnerability
Ubuntu: USN-7969-1 (CVE-2020-11722): Dungeon Crawl Stone Stoup vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Apr 12, 2020 | Jan 21, 2026 | Jan 22, 2026 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Apr 12, 2020
Added
Jan 21, 2026
Modified
Jan 22, 2026
Description
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
Solutions
ubuntu-pro-upgrade-crawlubuntu-pro-upgrade-crawl-commonubuntu-pro-upgrade-crawl-tilesubuntu-pro-upgrade-crawl-tiles-data
References
- CVE-2020-11722
- https://attackerkb.com/topics/CVE-2020-11722
- CWE-434
- UBUNTU-USN-7969-1
- URL-https://dpmendenhall.blogspot.com/2020/03/dungeon-crawl-stone-soup.html
- URL-https://github.com/crawl/crawl/commit/768f60da87a3fa0b5561da5ade9309577c176d04
- URL-https://github.com/crawl/crawl/commit/fc522ff6eb1bbb85e3de60c60a45762571e48c28
- URL-https://ubuntu.com/security/notices/USN-7969-1
- URL-https://www.cve.org/CVERecord?id=CVE-2020-11722
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.