Total vulnerabilities in the database
The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack.
| Software | From | Fixed in |
|---|---|---|
| chocolate-doom / crispy_doom | 5.8.0 | 5.8.0.x |
| chocolate-doom / chocolate_doom | 3.0.0 | 3.0.0.x |
| opensuse / leap | 15.1 | 15.1.x |
| opensuse / leap | 15.2 | 15.2.x |
| opensuse / backports | sle-15-sp1 | sle-15-sp1.x |