SUSE CVE-2022-28805

singlevar in lparser.c in Lua from including 5.4.0 up to excluding 5.4.4 lacks a certain luaKexp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code...

PT-2020-6263 · Lua +7 · Lua +7

Name of the Vulnerable Software and Affected Versions: Lua version 5.4.0 Description: The issue is related to an integer overflow in the ldebug.c component of the Lua script interpreter. This can be exploited by a remote attacker to cause a denial of service. The vulnerability is demonstrated by...