VDB
CVE-2020-5253
CVE-2020-5253
PUBLISHED
NetHack before version 3.6.0 allowed malicious use of escaping of characters in the configuration file (usually .nethackrc) which could be exploited. This bug is patched in NetHack 3.6.0.
EPSS 0.21% · 43.2th percentile
Risk Scores
EPSS Score
0.21%
43.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:16.04:LTS | nethack | 3.4.3-15build1, 0, 3.4.3-15 |
Exploit Intelligence
Timeline
- Mar 10, 2020 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2020-5253 third-party-advisory
- https://github.com/NetHack/NetHack/security/advisories/GHSA-2c7p-3fj4-223m third-party-advisory
- https://github.com/NetHack/NetHack/commits/612755bfb5c412079795c68ba392df5d93874ed8 third-party-advisory
- https://nethack.org/security/CVE-2020-5253.html third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-5253 third-party-advisory