Fedora: Security Advisory for golang-github-yuin-gopher-lua (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the mod_lua module in the Apache HTTP Server allows a hacker to cause a service failure.

The vulnerability of the modlua module in the Apache HTTP Server is related to the unlimited distribution of resources when processing the function with zero parameter r:parsebody0. Exploiting this vulnerability allows a malicious actor to cause service failures by sending a specially crafted HTT...

CVE-2022-33099

An issue in the component luaGrunerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs...

CVE-2022-33099

An issue in the component luaGrunerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs...

AZL-35032 CVE-2022-33099 affecting package nmap for versions less than 7.95-1

An issue in the component luaGrunerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs...

DEBIAN-CVE-2022-33099

An issue in the component luaGrunerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs...

AZL-10045 CVE-2022-33099 affecting package lua for versions less than 5.4.3-4

An issue in the component luaGrunerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs...

AZL-41192 CVE-2022-33099 affecting package ntopng for versions less than 5.2.1-4

An issue in the component luaGrunerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs...

Heap overflow

An issue in the component luaGrunerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs...

CVE-2022-33099

An issue in the component luaGrunerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs...

CVE-2022-33099

An issue in the component luaGrunerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs...

UBUNTU-CVE-2022-33099

An issue in the component luaGrunerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs...

CVE-2022-33099

An issue in the component luaGrunerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs...

CVE-2022-33099

Lua 5.4.4 and earlier contains a heap-buffer overflow in the error handling path (CVE-2022-33099) affecting luaG_runerror (and related luaG_errormsg handling), triggered by recursive error handling. Connected advisories confirm affected packages (Lua 5.4.x family) across multiple distributions, w...

CVE-2022-33099

An issue in the component luaGrunerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs...

Lua 缓冲区错误漏洞

Lua is a lightweight, extensible open source scripting language from the LUA team. A security vulnerability exists in Lua v5.4.4 and earlier versions, which stems from an issue in luaGrunerror that causes a heap buffer overflow in the event of a recursive error...

PT-2022-21690 · Lua +6 · Lua +6

Name of the Vulnerable Software and Affected Versions: Lua versions prior to 5.4.4 Description: An issue in the component luaG runerror of Lua leads to a heap-buffer overflow when a recursive error occurs. Recommendations: For versions prior to 5.4.4, update to a version that contains a fix for...

Kubernetes: RCE on ingress-nginx-controller via Ingress spec.rules.http.paths.path field

A vulnerability was exploited that allowed arbitrary files to be written and executed on the ingress-nginx-controller pod through the manipulation of Ingress resource specifications. By configuring log formats and locations, malicious configurations could gain remote code execution capabilities o...

CVE-2021-44647 affecting package lua for versions less than 5.4.3-3

CVE-2021-44647 affecting package lua for versions less than 5.4.3-3. A patched version of the package is available...

OESA-2022-1718 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to...