Linley Henzell: Security Vulnerabilities
crawl before 4.0.0 does not securely call programs when saving and loading games, which allows local users to gain privileges.
CVSS Score
7.2
EPSS Score
0.001
Published
2006-01-20
crawl before 4.0.0 beta23 does not properly "apply a size check" when copying a certain environment variable, which may allow local users to gain privileges, possibly as a result of a buffer overflow.
CVSS Score
4.6
EPSS Score
0.001
Published
2004-03-03