[SECURITY] Fedora 34 Update: redis-6.2.3-1.fc34
Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...
PT-2021-4055 · Lua 5.3 +4 · Lua 5.3 +4
Name of the Vulnerable Software and Affected Versions: Prosody versions prior to 0.11.9 Description: An issue in Prosody allows remote unauthenticated denial-of-service (DoS) attacks via memory exhaustion when running under Lua 5.2 or Lua 5.3. The problem is related to an error in the resource...
PT-2021-4058 · Lua +2 · Lua +2
Name of the Vulnerable Software and Affected Versions: Prosody versions prior to 0.11.9 Description: An issue in Prosody allows an attacker to potentially reveal the contents of secret strings through a timing attack. This is due to the use of a non-constant-time algorithm for comparing certain...
Photon OS 4.0: Lua PHSA-2021-4.0-0009
An update of the lua package has been released. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-4.0-0009. The text itself is copyright (C) VMware, Inc.
Important Photon OS Security Update - PHSA-2021-4.0-0009
Updates of 'lua' packages of Photon OS have been released...
Important Photon OS Security Update - PHSA-2021-0009
Updates of 'lua' packages of Photon OS have been released...
openSUSE Security Update : bcc (openSUSE-2021-535)
This update for bcc fixes the following issues: - Enabled PIE for bcc-lua if lua support is enabled (bsc#1183399) This update was imported from the SUSE:SLE-15-SP2:Update update project. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
Security update for bcc (moderate)
openSUSE Security Update: Security update for bcc Announcement ID: openSUSE-SU-2021:0535-1 Rating: moderate References: 1183399 Affected Products: openSUSE Leap 15.2 An update that contains security fixes can now be installed. Description: This update for bcc fixes the following issues: - Enabled...
OPENSUSE-SU-2021:0535-1 Security update for bcc
This update for bcc fixes the following issues: - Enabled PIE for bcc-lua if lua support is enabled (bsc#1183399) This update was imported from the SUSE:SLE-15-SP2:Update update project...
Redis < 6.0.3 Integer Overflow Vulnerability
Redis is prone to an integer overflow vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
DEBIAN-CVE-2020-36309
ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header...
UBUNTU-CVE-2020-36309
ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header...
Cross site request forgery (csrf)
ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header...
PT-2021-11997 · Unknown +3 · Ngx Http Lua Module +3
Name of the Vulnerable Software and Affected Versions: ngx_http_lua_module (aka lua-nginx-module) versions prior to 0.10.16 Description: The issue allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header. Recommendations: For versions prior to...
PT-2021-2490 · Openwrt · Openwrt
Name of the Vulnerable Software and Affected Versions: OpenWrt 19.07 Description: The issue is related to the DDNS package in OpenWrt 19.07, where the detail.lua file allows remote authenticated users to inject arbitrary commands via POST requests to the /cgi-bin/luci API endpoint, specifically t...
Vulnerability in the `static ptrdiff_t finderrfunc` function in the `src/lj_err.c` file of LuaJIT, a just-in-time compiler for the Lua programming language. This vulnerability allows an attacker to cause a service failure.
The vulnerability in the `static ptrdiff_t finderrfunc` function in the `src/lj_err.c` file of the LuaJIT compiler for the Lua programming language is related to reading data beyond the allowed buffer size. Exploiting this vulnerability could allow a remote attacker to cause a service failure...
OESA-2021-1057 luajit security update
LuaJIT is a Just-In-Time Compiler (JIT) for the Lua programming language. Lua is a powerful, dynamic and light-weight programming language. It may be embedded or used as a general-purpose, stand-alone language. Security Fixes: LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in...
Huawei EulerOS: Security Advisory for lua (EulerOS-SA-2021-1545)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
EulerOS Virtualization for ARM 64 3.0.6.0 : lua (EulerOS-SA-2021-1545)
According to the version of the lua packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability: - ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by...
Fedora: Security Advisory for prosody (FEDORA-2021-54d3af6388)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...