CVE-2020-5253

Summary

NetHack before version 3.6.0 allowed malicious use of escaping of characters in the configuration file (usually .nethackrc) which could be exploited. This bug is patched in NetHack 3.6.0.

Affected Software

VendorProductVersion RangeStatus
NetHackNetHack< 3.6.0affected

Weaknesses

  • CWE-184: CWE-184: Incomplete List of Disallowed Inputs

ADP Enrichment

CVE Program Container

Additional References

References