rpm package
opensuse/wesnoth&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/wesnoth&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-1999023 | Hig | 8.8 | < 1.15.17-1.3 | 1.15.17-1.3 | Jul 23, 2018 | The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, | |
| CVE-2015-0844 | — | < 1.12.6-1.1 | 1.12.6-1.1 | Apr 14, 2015 | The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted (1) campaign or (2) map file. |
- affected < 1.15.17-1.3fixed 1.15.17-1.3
The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games,
- CVE-2015-0844Apr 14, 2015affected < 1.12.6-1.1fixed 1.12.6-1.1
The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted (1) campaign or (2) map file.