CVE-2020-24372

Опубликовано: 17 авг. 2020

Источник: debian

EPSS Низкий

Описание

LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in lj_err.c.

Пакет	Статус	Версия исправления	Релиз	Тип
luajit	fixed	2.1.0~beta3+git20210112+dfsg-2		package

https://github.com/LuaJIT/LuaJIT/issues/603
Fixed by: https://github.com/LuaJIT/LuaJIT/commit/12ab596997b9cb27846a5b254d11230c3f9c50c8 (v2.1)
Fixed by: https://github.com/LuaJIT/LuaJIT/commit/e296f56b825c688c3530a981dc6b495d972f3d01 (v2.1)
No security impact, only "exploitable" with untrusted Lua code

EPSS

Процентиль: 52%

0.00295

Низкий

CVE-2020-24372

CVSS3: 7.5

ubuntu

больше 5 лет назад

LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in lj_err.c.

CVE-2020-24372

CVSS3: 7.5

redhat

больше 5 лет назад

LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in lj_err.c.

CVE-2020-24372

CVSS3: 7.5

nvd

больше 5 лет назад

LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in lj_err.c.

GHSA-cf74-x979-rggp

CVSS3: 7.5

github

больше 3 лет назад

LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in lj_err.c.

EPSS

Процентиль: 52%

0.00295

Низкий