EulerOS Virtualization for ARM 64 3.0.2.0 : vim (EulerOS-SA-2020-1957)

According to the version of the vim packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A flaw was found in vim in the restricted mode, where all commands that make use of external shells are disabled. However, i...

CVE-2020-24987

Tenda AC18 Router through V15.03.05.05EN and through V15.03.05.196318 CN devices could cause a remote code execution due to incorrect authentication handling of vulnerable logincheck function in /usr/lib/lua/ngxauthserver/ngxwdas.lua file if the administrator UI Interface is set to "radius"...

Updated lua and lua5.3 packages fix security vulnerability

ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal3,2^31. CVE-2020-24370...

MGASA-2020-0362 Updated lua and lua5.3 packages fix security vulnerability

ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal3,2^31. CVE-2020-24370...

Fedora 31 : lua (2020-c83556709c)

Fix CVE-2020-24370 . Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security,...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2020-1934)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for lua (FEDORA-2020-c83556709c)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 31 Update: lua-5.3.5-8.fc31

Lua is a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Lua is free software. Lua combines simple procedural syntax with powerful data description constructs based on associative arrays and...

The vulnerability of the ngx_http_lua_subrequest.c component in the OpenResty web server allows a attacker to compromise data integrity.

The vulnerability of the ngxhttpluasubrequest.c component in the OpenResty web server is related to inconsistent interpretation of http requests. Exploiting this vulnerability could allow a malicious actor to compromise data integrity from a remote location...

EulerOS 2.0 SP5 : vim (EulerOS-SA-2020-1934)

According to the version of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces e.g., Python, Ruby, o...

Fedora: Security Advisory for lua (FEDORA-2020-d7ed9f18ff)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2020-24342

Lua through 5.4.0 allows a stack redzone cross in luaOpushvfstring because a protection mechanism wrongly calls luaDcallnoyield twice in a row...

Debian DSA-4750-1 : nginx - security update

It was reported that the Lua module for Nginx, a high-performance web and reverse proxy server, is prone to a HTTP request smuggling vulnerability. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4750. The te...

Fedora 32 : lua (2020-d7ed9f18ff)

Fix CVE-2020-24370 . Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security,...

Debian: Security Advisory (DSA-4750-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 32 Update: lua-5.3.5-8.fc32

Lua is a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Lua is free software. Lua combines simple procedural syntax with powerful data description constructs based on associative arrays and...

CVE-2020-24371

lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage...

CVE-2020-24370

ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal3,2^31...

CVE-2020-24369

ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference...

Lua Numeric Error Vulnerability

Lua is a lightweight, multi-paradigm programming language. A numeric error vulnerability exists in getlocal and setlocal in ldebug.c in Lua 5.4.0. No detailed vulnerability details are provided at this time...