CVE-2020-15888

Опубликовано: 21 июл. 2020

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 6.8

CVSS3: 8.8

Описание

Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.

Релиз	Статус	Примечание
bionic	not-affected
devel	not-affected
esm-apps/bionic	not-affected
esm-apps/focal	not-affected
esm-apps/jammy	not-affected
esm-infra-legacy/trusty	not-affected
esm-infra/xenial	not-affected
focal	not-affected
groovy	not-affected
hirsute	not-affected

Показывать по

Релиз	Статус	Примечание
bionic	not-affected
devel	not-affected
esm-apps/jammy	not-affected
esm-infra-legacy/trusty	not-affected
esm-infra/bionic	not-affected
esm-infra/focal	not-affected
esm-infra/xenial	not-affected
focal	not-affected
groovy	not-affected
hirsute	not-affected

Показывать по

Релиз	Статус	Примечание
bionic	not-affected
devel	not-affected
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected
esm-infra/focal	not-affected
esm-infra/xenial	not-affected
focal	not-affected
groovy	not-affected
hirsute	not-affected
impish	not-affected

Показывать по

Релиз	Статус	Примечание
bionic	DNE
devel	not-affected	5.4.1-1
esm-apps/jammy	not-affected	5.4.1-1
esm-infra-legacy/trusty	DNE
esm-infra/focal	DNE
focal	DNE
groovy	ignored	end of life
hirsute	not-affected	5.4.1-1
impish	not-affected	5.4.1-1
jammy	not-affected	5.4.1-1

Показывать по

Релиз	Статус	Примечание
bionic	not-affected
devel	DNE
esm-apps/bionic	not-affected
esm-apps/focal	not-affected
esm-apps/xenial	not-affected
esm-infra-legacy/trusty	DNE
focal	not-affected
groovy	not-affected
hirsute	not-affected
impish	not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 79%

0.01248

Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

CVE-2020-15888

CVSS3: 8.8

redhat

больше 5 лет назад

Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.

CVE-2020-15888

CVSS3: 8.8

nvd

больше 5 лет назад

Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.

CVE-2020-15888

CVSS3: 8.8

msrc

больше 5 лет назад

Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection leading to a heap-based buffer overflow heap-based buffer over-read or use-after-free.

CVE-2020-15888

CVSS3: 8.8

debian

больше 5 лет назад

Lua through 5.4.0 mishandles the interaction between stack resizes and ...

GHSA-4f5v-4r5w-g4x3

CVSS3: 8.8

github

больше 3 лет назад

Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.

EPSS

Процентиль: 79%

0.01248

Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

CVE-2020-15888

Описание

Пакет lua5.1

Пакет lua5.2

Пакет lua5.3

Пакет lua5.4

Пакет lua50

Ссылки на источники

Связанные уязвимости