描述
NetHack before version 3.6.0 allowed malicious use of escaping of characters in the configuration file (usually .nethackrc) which could be exploited. This bug is patched in NetHack 3.6.0.
AI分析AI驱动
受影响产品
nethacknethack
参考资料
- https://github.com/NetHack/NetHack/commits/612755bfb5c412079795c68ba392df5d93874ed8PatchThird Party Advisory
- https://github.com/NetHack/NetHack/security/advisories/GHSA-2c7p-3fj4-223mThird Party Advisory
- https://github.com/NetHack/NetHack/commits/612755bfb5c412079795c68ba392df5d93874ed8PatchThird Party Advisory
- https://github.com/NetHack/NetHack/security/advisories/GHSA-2c7p-3fj4-223mThird Party Advisory