USN-6916-1: Lua vulnerabilities

It was discovered that Lua did not properly generate code when "ENV" is constant. An attacker could possibly use this issue to cause a denial of service or execute arbitrary unstrusted lua code. CVE-2022-28805 It was discovered that Lua did not properly handle C stack overflows during error...

DLA-3469-1 lua5.3 - security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: lua security update

An update for lua is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

[SECURITY] Fedora 36 Update: lua-5.4.4-3.fc36

Lua is a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Lua is free software. Lua combines simple procedural syntax with powerful data description constructs based on associative arrays and...

[SECURITY] Fedora 35 Update: lua-5.4.3-4.fc35

Lua is a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Lua is free software. Lua combines simple procedural syntax with powerful data description constructs based on associative arrays and...

[SECURITY] Fedora 31 Update: lua-5.3.5-8.fc31

Lua is a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Lua is free software. Lua combines simple procedural syntax with powerful data description constructs based on associative arrays and...

Moderate: Red Hat Security Advisory: lua security and bug fix update

An update for lua is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

CVE-2017-9389

CVE-2017-9389 affects Vera VeraEdge (1.7.19) and Veralite (1.7.481). The web UI allows users to install and write Lua applications without authentication. A POST carries user-provided Lua code to the LuaUPNP daemon, which handles it in LU::JobHandler_LuaUPnP::RunLua and passes the code to LU::Lua...

Syhunt Advisory: CGILua session.lua Predictable Session ID Vulnerability

Syhunt Advisory: CGILua session.lua Predictable Session ID Vulnerability Advisory-ID: 201404301 Discovery Date: 03.27.2014 Release Date: 04.30.2014 Affected Applications: CGILua 5.0.x, CGILua 5.1.x., CGILua 5.2 alpha 1 & CGILua 5.2 alpha 2 Class: Predictable Session ID Status: Unpatched/Vendor...