Freeciv: >> Freeciv >> 2.3.0 Security Vulnerabilities
Freeciv before 2.6.7 and before 3.0.3 is prone to a buffer overflow vulnerability in the Modpack Installer utility's handling of the modpack URL.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-08-31
Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet.
CVSS Score
7.5
EPSS Score
0.093
Published
2020-01-23
A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed would lead to memory exhaustion or excessive CPU consumption.
CVSS Score
7.5
EPSS Score
0.061
Published
2019-12-30
freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via a scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions.
CVSS Score
10.0
EPSS Score
0.016
Published
2010-07-08