CVE-2021-43519

Опубликовано: 09 нояб. 2021

Источник: debian

EPSS Низкий

Описание

Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.

Пакет	Статус	Версия исправления	Релиз	Тип
lua5.4	fixed	5.4.4-1		package
lua5.4	no-dsa		bullseye	package
lua5.3	not-affected			package
lua5.2	not-affected			package
lua5.1	not-affected			package
lua50	not-affected			package

http://lua-users.org/lists/lua-l/2021-10/msg00123.html
http://lua-users.org/lists/lua-l/2021-11/msg00015.html
Introduced by: https://github.com/lua/lua/commit/287b302acb8d925178e9edb800f0a8d18c7d35f6 (v5.4.2)
Fixed by: https://github.com/lua/lua/commit/74d99057a5146755e737c479850f87fd0e3b6868 (v5.4.4)
Cf. http://lua-users.org/lists/lua-l/2023-06/msg00059.html
Cf. http://lua-users.org/lists/lua-l/2023-06/msg00063.html

EPSS

Процентиль: 17%

0.00054

Низкий

CVE-2021-43519

CVSS3: 5.5

ubuntu

больше 3 лет назад

Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.

CVE-2021-43519

CVSS3: 5.5

redhat

больше 3 лет назад

Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.

CVE-2021-43519

CVSS3: 5.5

nvd

больше 3 лет назад

Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.

CVE-2021-43519

CVSS3: 5.5

msrc

больше 3 лет назад

Описание отсутствует

GHSA-g78p-3v3v-h7wm

CVSS3: 5.5

github

около 3 лет назад

Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.

EPSS

Процентиль: 17%

0.00054

Низкий