CVE-2020-24370

Опубликовано: 17 авг. 2020

Источник: debian

EPSS Низкий

Описание

ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).

Пакет	Статус	Версия исправления	Релиз	Тип
lua5.4	fixed	5.4.1-1		package
lua5.3	fixed	5.3.6-1		package
lua5.3	fixed	5.3.3-1.1+deb11u1	bullseye	package

http://lua-users.org/lists/lua-l/2020-07/msg00324.html
(lua5.4) https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b
(lua5.3) https://github.com/lua/lua/commit/b5bc89846721375fe30772eb8c5ab2786f362bf9

EPSS

Процентиль: 85%

0.02705

Низкий

CVE-2020-24370

CVSS3: 5.3

ubuntu

почти 5 лет назад

ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).

CVE-2020-24370

CVSS3: 5.3

redhat

почти 5 лет назад

ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).

CVE-2020-24370

CVSS3: 5.3

nvd

почти 5 лет назад

ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).

CVE-2020-24370

CVSS3: 5.3

msrc

12 месяцев назад

Описание отсутствует

RLSA-2021:4510

rocky

больше 3 лет назад

Low: lua security update

EPSS

Процентиль: 85%

0.02705

Низкий