3325 matches found
CVE-2023-35853
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section...
DEBIAN-CVE-2023-35853
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section...
Design/Logic Flaw
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section...
UBUNTU-CVE-2023-35853
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section...
CVE-2023-35853
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section...
CVE-2023-35853
In Suricata
CVE-2023-35853
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section...
Suricata 安全漏洞
Suricata is a suite of network Intrusion Detection Systems IDS, Intrusion Prevention Systems IPS, and network security monitoring engines developed by the Open Information Security Foundation OISF and its supported vendors, which supports multi-threading, built-in IPv6, and the ability to load...
CVE-2023-35853
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section...
CVE-2023-35853
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section...
CVE-2023-35853
In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section...
CVE-2023-3040
A debug function in the lua-resty-json package, up to commit id 3ef9492bd3a44d9e51301d6adc3cd1789c8f534a merged in PR 14 contained an out of bounds access bug that could have allowed an attacker to launch a DoS if the function was used to parse untrusted input data. It is important to note that...
CVE-2023-3040
A debug function in the lua-resty-json package, up to commit id 3ef9492bd3a44d9e51301d6adc3cd1789c8f534a merged in PR 14 contained an out of bounds access bug that could have allowed an attacker to launch a DoS if the function was used to parse untrusted input data. It is important to note that...
Design/Logic Flaw
A debug function in the lua-resty-json package, up to commit id 3ef9492bd3a44d9e51301d6adc3cd1789c8f534a merged in PR 14 contained an out of bounds access bug that could have allowed an attacker to launch a DoS if the function was used to parse untrusted input data. It is important to note that...
CVE-2023-3040
CVE-2023-3040 concerns the lua-resty-json library. A debug function, present up to commit 3ef9492bd3a44d9e51301d6adc3cd1789c8f534a (merged in PR #14), contained an out-of-bounds access bug. If this function is used to parse untrusted input data, it could allow an attacker to trigger a DoS. The fu...
CVE-2023-3040 Out of Bounds Access Leading to Undefined Behavior
A debug function in the lua-resty-json package, up to commit id 3ef9492bd3a44d9e51301d6adc3cd1789c8f534a merged in PR 14 contained an out of bounds access bug that could have allowed an attacker to launch a DoS if the function was used to parse untrusted input data. It is important to note that...
CVE-2023-3040 Out of Bounds Access Leading to Undefined Behavior
A debug function in the lua-resty-json package, up to commit id 3ef9492bd3a44d9e51301d6adc3cd1789c8f534a merged in PR 14 contained an out of bounds access bug that could have allowed an attacker to launch a DoS if the function was used to parse untrusted input data. It is important to note that...
PT-2023-22671 · Unknown · Lua-Resty-Json
Name of the Vulnerable Software and Affected Versions: lua-resty-json versions up to commit id 3ef9492bd3a44d9e51301d6adc3cd1789c8f534a Description: A debug function in the lua-resty-json package contained an out of bounds access bug that could have allowed an attacker to launch a Denial of Servi...
PT-2023-6099 · Suricata +2 · Suricata +2
Name of the Vulnerable Software and Affected Versions: Suricata versions prior to 6.0.13 Description: The issue is related to insufficient input validation in the Suricata intrusion detection and prevention system. It may allow a remote attacker to execute arbitrary code. An adversary who control...
lua-resty-json 缓冲区错误漏洞
Cloudflare lua-resty-json is Cloudflare's json library for use with lua and C. It has a security vulnerability in its previous version. A security vulnerability exists in versions prior to lua-resty-json 3ef9492bd3a44d9e51301d6adc3cd1789c8f534a, which stems from the fact that an attacker may be...