CVE-2021-45985 affecting package lua for versions less than 5.4.3-5

CVE-2021-45985 affecting package lua for versions less than 5.4.3-5. A patched version of the package is available...

Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2023-165)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-165 advisory. Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the client may bypass JSON Web Token JWT...

Lua: Multiple Vulnerabilities

Background Lua is a powerful, efficient, lightweight, embeddable scripting language. It supports procedural programming, object-oriented programming, functional programming, data-driven programming, and data description. Description Multiple vulnerabilities have been discovered in Lua. Please...

[SECURITY] Fedora 36 Update: redis-6.2.12-1.fc36

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

[SECURITY] Fedora 38 Update: redis-7.0.11-1.fc38

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

[SECURITY] Fedora 37 Update: redis-7.0.11-1.fc37

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

OESA-2023-1242 lua security update

Lua is a powerful, efficient, lightweight, embeddable scripting language. It supports procedural programming, object-oriented programming, functional programming, data-driven programming, and data description. Security Fixes: In Lua 5.4.3, an erroneous finalizer called during a tail call leads to...

OESA-2023-1241 lua security update

Lua is a powerful, efficient, lightweight, embeddable scripting language. It supports procedural programming, object-oriented programming, functional programming, data-driven programming, and data description. Security Fixes: In Lua 5.4.3, an erroneous finalizer called during a tail call leads to...

The vulnerability of the Delta Electronics InfraSuite Device Master software in real-time device monitoring, related to errors in code generation, allows a perpetrator to execute arbitrary codes.

The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring is related to errors in code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by running Lua-based scripts...

Mitre: CVE-2021-45985 Erroneous finalizer call in Lua leads to a heap-based buffer over-read

This CVE was assigned by Mitre. Some Microsoft products consume Lau open-source software. The purpose of this document is to attest to the fact that the products listed in the Security Updates table have been updated to protect against this vulnerability...

SUSE CVE-2021-45985

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...

CVE-2021-45985

A heap-based buffer overflow issue was found in Lua Interpreter. The vulnerability can be exploited when an erroneous finalizer calls during a tail call with an invalid stack, triggering an out-of-bounds read, leading to a crash or a denial of service...

CVE-2021-45985

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...

CVE-2021-45985

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...

AZL-35066 CVE-2021-45985 affecting package ntopng for versions less than 5.2.1-2

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...

AZL-26155 CVE-2021-45985 affecting package memcached for versions less than 1.6.13-3

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...

DEBIAN-CVE-2021-45985

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...

AZL-26047 CVE-2021-45985 affecting package lua for versions less than 5.4.3-5

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...

AZL-26158 CVE-2021-45985 affecting package ntopng for versions less than 5.2.1-2

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...

Heap overflow

In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read...