VDB
GCVE-110-MAGEIA-2018-325
GCVE-110-MAGEIA-2018-325
Advisory Published
The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code
Injection vulnerability in the Lua scripting engine that can result in code
execution outside the sandbox. This attack appear to be exploitable via
Loading specially-crafted saved games, networked games, replays, and player
content (CVE-2018-1999023).
This is fixed in version 1.14.4, together with several non-security-related
bug fixes and enhancements.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | wesnoth | 1.14.4-1.mga6 (unaffected), 0 (affected) | — |
Aliases
Browse GCVE Records
73,393 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.