NetHack 3.6.5

CPE Details

NetHack 3.6.5
nethack
nethack
3.6.5
2020-01-31
15h29 +00:00
2020-01-31
15h29 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:nethack:nethack:3.6.5:*:*:*:*:*:*:*

Informations

Vendor

nethack

Product

nethack

Version

3.6.5

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-24809 2023-02-17 19h41 +00:00 NetHack is a single player dungeon exploration game. Starting with version 3.6.2 and prior to version 3.6.7, illegal input to the "C" (call) command can cause a buffer overflow and crash the NetHack process. This vulnerability may be a security issue for systems that have NetHack installed suid/sgid and for shared systems. For all systems, it may result in a process crash. This issue is resolved in NetHack 3.6.7. There are no known workarounds.
5.5
Medium
CVE-2020-5254 2020-03-10 15h45 +00:00 In NetHack before 3.6.6, some out-of-bound values for the hilite_status option can be exploited. NetHack 3.6.6 resolves this issue.
8.1
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.