Search CVE reports
11 – 13 of 13 results
CVE-2020-15945
Low priorityLua through 5.4.0 has a segmentation fault in changedline in ldebug.c (e.g., when called by luaG_traceexec) because it incorrectly expects that an oldpc value is always updated upon a return of the flow of control to a function.
5 affected packages
lua5.1, lua5.2, lua5.3, lua5.4, lua50
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
lua5.1 | — | Not affected | Not affected | Not affected | Not affected |
lua5.2 | — | Not affected | Not affected | Not affected | Not affected |
lua5.3 | — | Not affected | Not affected | Not affected | Not affected |
lua5.4 | — | Not affected | Not in release | Not in release | Not in release |
lua50 | — | Not in release | Not affected | Not affected | Not affected |
CVE-2020-15889
Low priorityLua 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list members.
5 affected packages
lua5.1, lua5.2, lua5.3, lua5.4, lua50
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
lua5.1 | — | — | Not affected | Not affected | Not affected |
lua5.2 | — | — | Not affected | Not affected | Not affected |
lua5.3 | — | — | Not affected | Not affected | Not affected |
lua5.4 | — | — | Not in release | Not in release | Not in release |
lua50 | — | — | Not affected | Not affected | Not affected |
CVE-2020-15888
Low priorityLua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.
5 affected packages
lua5.1, lua5.2, lua5.3, lua5.4, lua50
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
lua5.1 | — | Not affected | Not affected | Not affected | Not affected |
lua5.2 | — | Not affected | Not affected | Not affected | Not affected |
lua5.3 | — | Not affected | Not affected | Not affected | Not affected |
lua5.4 | — | Not affected | Not in release | Not in release | Not in release |
lua50 | — | Not in release | Not affected | Not affected | Not affected |