Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2020-15889HistoryJul 21, 2020 - 10:15 p.m.
CVE-2020-15889
2020-07-2122:15:00
Debian Security Bug Tracker
security-tracker.debian.org
5
0.004 Low
EPSS
Percentile
72.1%
Lua 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list members.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | lua5.4 | < 5.4.0-2 | lua5.4_5.4.0-2_all.deb |
| Debian | 11 | all | lua5.4 | < 5.4.0-2 | lua5.4_5.4.0-2_all.deb |
| Debian | 999 | all | lua5.4 | < 5.4.0-2 | lua5.4_5.4.0-2_all.deb |
| Debian | 13 | all | lua5.4 | < 5.4.0-2 | lua5.4_5.4.0-2_all.deb |
Related
osv
osv
CVE-2020-15889
2020-07-21 22:15:12
BIT-lua-2020-15889
2024-03-06 10:57:28
prion
prion
Heap overflow
2020-07-21 22:15:00
ubuntucve
ubuntucve
CVE-2020-15889
2020-07-21 00:00:00
cve
cve
CVE-2020-15889
2020-07-21 22:15:00
cbl_mariner
cbl_mariner
CVE-2020-15889 affecting package lua 5.3.5-9
2020-10-08 18:09:52
redhatcve
redhatcve
CVE-2020-15889
2020-07-24 10:07:52
cvelist
cvelist
CVE-2020-15889
2020-07-21 21:35:49
archlinux
archlinux
[ASA-202010-5] lua: arbitrary code execution
2020-10-18 00:00:00