4 matches found
[ASA-202010-5] lua: arbitrary code execution
Arch Linux Security Advisory ASA-202010-5 ========================================= Severity: High Date : 2020-10-18 CVE-ID : CVE-2020-15888 CVE-2020-15889 Package : lua Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1207 Summary ======= The package lua...
CVE-2020-15889 affecting package lua 5.3.5-9
CVE-2020-15889 affecting package lua 5.3.5-9. A patched version of the package is available...
CVE-2020-15889
Lua 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list members...
CVE-2020-15889
CVE-2020-15889 concerns Lua 5.4.0 with a getobjname heap-based buffer over-read caused by lgc.c markold handling insufficient list members. Affects Lua 5.4.0; upstream fix is to upgrade to 5.4.1 (per Arch Linux ASA-202010-5 and related advisories). Impact is described as remote code execution in ...