CVE-2022-28805

Published: 08 Apr 2022
Source: debian
EPSS: Low

Description

singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.

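Packages

| Package | Status | Fixed version | Release | Type |
|---------|--------|---------------|---------|------|
| lua5.4 | fixed | 5.4.4-2 | | package |
| lua5.4 | no-dsa | | bullseye | package |
| lua5.3 | not-affected | | | package |
| lua5.2 | not-affected | | | package |
| lua5.1 | not-affected | | | package |
| lua50 | not-affected | | | package |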

Notes

  • https://github.com/lua/lua/commit/1f3c6f4534c6411313361697d98d1145a1f030fa

  • http://lua-users.org/lists/lua-l/2022-02/msg00001.html

  • http://lua-users.org/lists/lua-l/2022-02/msg00070.html

EPSS

Percentile: 33%
Score: 0.00125
Low

Related vulnerabilities

CVSS3: 9.1
ubuntu
more than 3 years ago

singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.

CVSS3: 6.2
redhat
more than 3 years ago

singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.

CVSS3: 9.1
nvd
more than 3 years ago

singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.

CVSS3: 9.1
msrc
more than 3 years ago

No description available

CVSS3: 9.1
github
more than 3 years ago

singlevar in lparser.c in Lua through 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.
