17 matches found
MiracleLinux 9 : lua-5.4.4-2.el9 (AXSA:2023-5175:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5175:02 advisory. lua: use after free allows Sandbox Escape CVE-2021-44964 lua: stack overflow in luaresume of ldo.c allows a DoS via a crafted script file...
CBL Mariner 2.0 Security Update: lua / memcached / ntopng (CVE-2021-44964)
The version of lua / memcached / ntopng installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-44964 advisory. - Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.05.4.3...
CVE-2021-44964 affecting package ntopng for versions less than 5.2.1-3
CVE-2021-44964 affecting package ntopng for versions less than 5.2.1-3. A patched version of the package is available...
CVE-2021-44964 affecting package memcached for versions less than 1.6.22-2
CVE-2021-44964 affecting package memcached for versions less than 1.6.22-2. A patched version of the package is available...
Linux Distros Unpatched Vulnerability : CVE-2021-44964
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.05.4.3 allows attackers to perform Sandbox Escape via a crafted script file...
CVE-2021-44964 affecting package lua for versions less than 5.4.4-1
CVE-2021-44964 affecting package lua for versions less than 5.4.4-1. An upgraded version of the package is available that resolves this issue...
RLSA-2023:0957 Moderate: lua security update
The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fixes: lua: use after free allows Sandbox Escape CVE-2021-44964 lua: stack overflow in...
lua security update
An update is available for lua. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The lua packages provide support for Lua, a powerful light-weight programming...
Rocky Linux 9 : lua (RLSA-2023:0957)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0957 advisory. - Stack overflow in luaresume of ldo.c in Lua Interpreter 5.1.05.4.4 allows attackers to perform a Denial of Service via a crafted script file...
Moderate: Red Hat Security Advisory: lua security update
An update for lua is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Moderate: lua security update
The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fixes: lua: use after free allows Sandbox Escape CVE-2021-44964 lua: stack overflow in...
ALSA-2023:0957 Moderate: lua security update
The lua packages provide support for Lua, a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Security Fixes: lua: use after free allows Sandbox Escape CVE-2021-44964 lua: stack overflow in...
CVE-2021-44964
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.05.4.3 allows attackers to perform Sandbox Escape via a crafted script file...
AZL-60034 CVE-2021-44964 affecting package ntopng for versions less than 5.2.1-3
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.05.4.3 allows attackers to perform Sandbox Escape via a crafted script file...
CVE-2021-44964
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.05.4.3 allows attackers to perform Sandbox Escape via a crafted script file...
CVE-2021-44964
CVE-2021-44964 affects Lua interpreter 5.4.0–5.4.3, where use-after-free in the garbage collector/finalizer (lgc.c) enables Sandbox Escape via a crafted script file. Multiple connected advisories confirm the issue and note that patched versions exist (e.g., Lua 5.4.4+; e.g., 5.4.4-1 or newer) and...
CVE-2021-44964
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.05.4.3 allows attackers to perform Sandbox Escape via a crafted script file...