CVE-2020-24369

Опубликовано: 17 авг. 2020

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference.

Ссылки

https://github.com/lua/lua/commit/ae5b5ba529753c7a653901ffc29b5ea24c3fdf3a
Patch
Third Party Advisory
https://www.lua.org/bugs.html#5.4.0-12
Exploit
Vendor Advisory
https://github.com/lua/lua/commit/ae5b5ba529753c7a653901ffc29b5ea24c3fdf3a
Patch
Third Party Advisory
https://www.lua.org/bugs.html#5.4.0-12
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:lua:lua:5.4.0:-:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00573

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-476

Связанные уязвимости

CVE-2020-24369

CVSS3: 7.5

ubuntu

больше 5 лет назад

ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference.

CVE-2020-24369

CVSS3: 7

redhat

больше 5 лет назад

ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference.

CVE-2020-24369

CVSS3: 7.5

debian

больше 5 лет назад

ldebug.c in Lua 5.4.0 attempts to access debug information via the lin ...

GHSA-8g95-2365-4r5r

github

больше 3 лет назад

ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference.

EPSS

Процентиль: 68%

0.00573

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-476