Lua Buffer Overflow Vulnerability

Lua is a lightweight, extensible open source scripting language from the Lua team. A buffer overflow vulnerability exists in luaOpushvfstring in Lua 5.4.0 and earlier versions, which originates when a networked system or product performs an operation in memory without properly validating the data...

PT-2020-15693 · Lua · Lua

Name of the Vulnerable Software and Affected Versions: Lua versions prior to 5.4.1 Description: The issue allows a stack redzone cross in luaO pushvfstring due to a protection mechanism wrongly calling luaD callnoyield twice in a row. Recommendations: For Lua versions prior to 5.4.1, update to...