VYPR

Gzdoom

by Zdoom

Source repositories

CVEs (2)

  • CVE-2024-54756CriFeb 20, 2025
    risk 0.64cvss 9.8epss 0.03

    A remote code execution (RCE) vulnerability in the ZScript function of ZDoom Team GZDoom v4.13.1 allows attackers to execute arbitrary code via supplying a crafted PK3 file containing a malicious ZScript source file.

  • CVE-2025-54065HigDec 3, 2025
    risk 0.51cvss 7.9epss 0.00

    GZDoom is a feature centric port for all Doom engine games. GZDoom is an open source Doom engine. In versions 4.14.2 and earlier, ZScript actor state handling allows scripts to read arbitrary addresses, write constants into the JIT-compiled code section, and redirect control…