CVE-2022-0543

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a Debian-specific Lua sandbox escape, which could result in remote code execution. Recent assessments: NinjaOperator at March 25, 2022 8:04pm UTC reported: Muhstik Gang has been seen exploiting...

[SECURITY] Fedora 34 Update: lua-5.4.4-1.fc34

Lua is a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Lua is free software. Lua combines simple procedural syntax with powerful data description constructs based on associative arrays and...

CVE-2022-24112

An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of Admin API. A default configuration of Apache APISIX with default API key is vulnerable to remote code execution. When the admin key was changed or the port of Admin API was changed to a port different...

PT-2022-2530

Name of the Vulnerable Software and Affected Versions Redis versions prior to 7.0.0 and 6.2.7 Description The issue is related to weaknesses in the Lua script execution environment in Redis, which can be exploited by a less privileged user to inject Lua code that will execute with potentially...

Denial Of Service (DoS)

Lua is vulnerable to denial of service. It is affected by SEGV by type confusion in funcnamefromcode function in ldebug.c which can cause a local denial of service...

Denial Of Service (DoS)

lua is vulnerable to denial of service. The vulnerability exists due to Stack overflow in luaresume of ldo.c in Lua Interpreter...

Important Photon OS Security Update - PHSA-2022-0469

Updates of 'linux', 'apache-tomcat', 'linux-esx', 'mariadb' packages of Photon OS have been released...

AlmaLinux 8 : lua (ALSA-2019:3706)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2019:3706 advisory. - Lua 5.3.5 has a use-after-free in luaupvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a...

AlmaLinux 8 : lua (ALSA-2021:4510)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:4510 advisory. - ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal3,2^31. CVE-2020-24370 Note that...

[SECURITY] Fedora 35 Update: lua-5.4.4-1.fc35

Lua is a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Lua is free software. Lua combines simple procedural syntax with powerful data description constructs based on associative arrays and...

Fedora: Security Advisory for lua (FEDORA-2022-e6b2bd5b50)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CLSA-2022-1643914331 Fix of CVE: CVE-2021-44790

CVE-2021-44790: modlua: possible buffer overflow when parsing multipart content 2035062...

CLSA-2022-1643822315 Fix of CVE: CVE-2021-44790

CVE-2021-44790: modlua: possible buffer overflow when parsing multipart content 2035062...

Fedora: Security Advisory for lua (FEDORA-2022-93f064549c)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: lua-5.4.3-4.fc35

Lua is a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Lua is free software. Lua combines simple procedural syntax with powerful data description constructs based on associative arrays and...

CVE-2021-43519

A stack overflow issue was discovered in Lua in the luaresume function of 'ldo.c'. This flaw allows a local attacker to pass a specially crafted file to the Lua Interpreter, causing a crash that leads to a denial of service...

Mageia: Security Advisory (MGASA-2015-0244)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2018-0325)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2015-0282)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2014-0414)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...