Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-201701-53
HistoryJan 23, 2017 - 12:00 a.m.

Lua: Buffer overflow

2017-01-2300:00:00
Gentoo Foundation
security.gentoo.org
48

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

69.6%

JSON

Background

Lua is a powerful, efficient, lightweight, embeddable scripting language. It supports procedural programming, object-oriented programming, functional programming, data-driven programming, and data description.

Description

A buffer overflow was discovered in the vararg functions in ldo.c in Lua.

Impact

Context-dependent could cause a Denial of Service condition or execute arbitrary code.

Workaround

There is no known workaround at this time.

Resolution

All Lua users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-lang/lua-5.1.5-r4"
OSVersionArchitecturePackageVersionFilename
Gentooanyalldev-lang/lua< 5.1.5-r4UNKNOWN

Related

nessus 16
openvas 14
ubuntu 1
prion 1
securityvulns 2
debian 3
amazon 1
mageia 2
osv 3
cve 1
debiancve 1
ubuntucve 1
gentoo 1
nessus
nessus
Mandriva Linux Security Advisory : lua (MDVSA-2014:205)
2014-10-27 00:00:00
Debian DSA-3015-1 : lua5.1 - security update
2014-09-02 00:00:00
EulerOS 2.0 SP5 : lua (EulerOS-SA-2019-1978)
2019-09-23 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2014-402)
2015-09-08 00:00:00
Debian Security Advisory DSA 3016-1 (lua5.2 - security update)
2014-09-01 00:00:00
Huawei EulerOS: Security Advisory for lua (EulerOS-SA-2019-2629)
2020-01-23 00:00:00
ubuntu
ubuntu
Lua vulnerability
2014-09-03 00:00:00
prion
prion
Buffer overflow
2014-09-04 17:55:00
securityvulns
securityvulns
Lua buffer overflow
2014-09-03 00:00:00
[SECURITY] [DSA 3016-1] lua5.2 security update
2014-09-03 00:00:00
debian
debian
[SECURITY] [DLA 47-1] lua5.1 security update
2014-09-05 16:02:04
[SECURITY] [DSA 3016-1] lua5.2 security update
2014-09-01 19:08:34
[SECURITY] [DSA 3015-1] lua5.1 security update
2014-09-01 19:03:03
amazon
amazon
Medium: lua
2014-09-17 21:44:00
mageia
mageia
Updated lua and lua5.1 packages fix security vulnerability
2014-10-23 17:27:57
Updated freeciv packages fix a security vulnerability
2015-01-21 20:15:23
osv
osv
lua5.2 - security update
2014-09-01 00:00:00
lua5.1 - security update
2014-09-05 00:00:00
lua5.1 - security update
2014-09-01 00:00:00
cve
cve
CVE-2014-5461
2014-09-04 17:55:00
debiancve
debiancve
CVE-2014-5461
2014-09-04 17:55:00
ubuntucve
ubuntucve
CVE-2014-5461
2014-08-28 00:00:00
gentoo
gentoo
Lua: Multiple Vulnerabilities
2023-05-03 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.003 Low

EPSS

Percentile

69.6%

JSON
Related for GLSA-201701-53
nessus16openvas14ubuntu1prion1securityvulns2debian3amazon1mageia2osv3cve1debiancve1ubuntucve1gentoo1