Critical severity9.8NVD Advisory· Published Apr 12, 2020· Updated Jun 17, 2026
CVE-2020-11722
CVE-2020-11722
Description
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- Dungeon Crawl Stone Soup/Dungeon Crawl Stone Soupdescription
- Range: <0.25
- osv-coords3 versionspkg:rpm/opensuse/crawl&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/crawl&distro=openSUSE%20Tumbleweedpkg:rpm/suse/crawl&distro=SUSE%20Package%20Hub%2015%20SP1
< 0.24.0-bp151.4.3.2+ 2 more
- (no CPE)range: < 0.24.0-bp151.4.3.2
- (no CPE)range: < 0.26.1-1.2
- (no CPE)range: < 0.24.0-bp151.4.3.2
Patches
Vulnerability mechanics
References
6- dpmendenhall.blogspot.com/2020/03/dungeon-crawl-stone-soup.htmlnvdPatchThird Party Advisory
- github.com/crawl/crawl/commit/768f60da87a3fa0b5561da5ade9309577c176d04nvdPatchThird Party Advisory
- github.com/crawl/crawl/commit/fc522ff6eb1bbb85e3de60c60a45762571e48c28nvdPatchThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2020-04/msg00037.htmlnvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QLPN635S7J3MUXLIHYK6MDAHEIASFYP/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNXK7QE7EA7XSDDNOWX2A6MJNWOIYCTC/nvd
News mentions
0No linked articles in our index yet.