CVE-2022-28805 – lua: heap buffer overread
https://notcve.org/view.php?id=CVE-2022-28805
singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.

A heap buffer-overflow vulnerability was found in Lua. The flaw occurs due to vulnerable code present in the lparser.c function of Lua that allows the execution of untrusted Lua code into a system, resulting in malicious activity.

References:
• https://github.com/lua/lua/commit/1f3c6f4534c6411313361697d98d1145a1f030fa
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RJNJ66IFDUKWJJZXHGOLRGIA3HWWC36R
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHYZOEFDVLVAD6EEP4CDW6DNONIVVHPA
• https://lua-users.org/lists/lua-l/2022-02/msg00001.html
• https://lua-users.org/lists/lua-l/2022-02/msg00070.html
• https://lua-users.org/lists/lua-l/2022-04/msg00009.html
• https://security.gentoo.o

CWE-125: Out-of-bounds Read

CVE-2021-44964 – lua: use after free allows Sandbox Escape
https://notcve.org/view.php?id=CVE-2021-44964
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.

A flaw was found in the Lua interpreter. This flaw allows an attacker who can have a malicious script executed by the interpreter to cause a use-after-free issue that may result in a sandbox escape.

References:
• http://lua-users.org/lists/lua-l/2021-11/msg00186.html
• http://lua-users.org/lists/lua-l/2021-12/msg00007.html
• http://lua-users.org/lists/lua-l/2021-12/msg00015.html
• http://lua-users.org/lists/lua-l/2021-12/msg00030.html
• https://github.com/Lua-Project/lua-5.4.4-sandbox-escape-with-new-vulnerability
• https://access.redhat.com/security/cve/CVE-2021-44964
• https://bugzilla.redhat.com/show_bug.cgi?id=2064772

CWE-416: Use After Free

CVE-2021-43519 – lua: stack overflow in lua_resume of ldo.c allows a DoS via a crafted script file
https://notcve.org/view.php?id=CVE-2021-43519
Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.

A stack overflow issue was discovered in Lua in the lua_resume() function of 'ldo.c'. This flaw allows a local attacker to pass a specially crafted file to the Lua Interpreter, causing a crash that leads to a denial of service.

References:
• http://lua-users.org/lists/lua-l/2021-10/msg00123.html
• http://lua-users.org/lists/lua-l/2021-11/msg00015.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7XHFYHGSZKL53VCLSJSAJ6VMFGAIXKO
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P3EMGAQ5Y6GXJLY4K5DUOOEQT4MZ4J4F
• https://access.redhat.com/security/cve/CVE-2021-43519
• https://bugzilla.redhat.com/show_bug.cgi?id=2047672

CWE-674: Uncontrolled Recursion
CWE-787: Out-of-bounds Write

CVE-2020-24369
https://notcve.org/view.php?id=CVE-2020-24369
ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference.

References:
• https://github.com/lua/lua/commit/ae5b5ba529753c7a653901ffc29b5ea24c3fdf3a
• https://www.lua.org/bugs.html#5.4.0-12

CWE-476: NULL Pointer Dereference

CVE-2020-24371
https://notcve.org/view.php?id=CVE-2020-24371
lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage.

References:
• https://github.com/lua/lua/commit/a6da1472c0c5e05ff249325f979531ad51533110
• https://www.lua.org/bugs.html#5.4.0-10

CWE-763: Release of Invalid Pointer or Reference