lua
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | Powerful lightweight programming language designed for extending applications |
| Version | 5.4.0-2 [extra] |
Open
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-1207 | 5.4.0-2 | High | Vulnerable |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2020-15889 | AVG-1207 | High | No | Information disclosure | Lua through 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list members. |
| CVE-2020-15888 | AVG-1207 | High | No | Arbitrary code execution | Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap- based buffer... |