VDB

GCVE-110-MAGEIA-2018-325

GCVE-110-MAGEIA-2018-325
Advisory Published
Vulnetix · Advisory published July 25, 2018
The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and player content (CVE-2018-1999023). This is fixed in version 1.14.4, together with several non-security-related bug fixes and enhancements.

Affected Products

VendorProductVersionsPlatforms
Mageiawesnoth1.14.4-1.mga6 (unaffected), 0 (affected)

Browse GCVE Records

73,393 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›