Lua Security Vulnerabilities
singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua...
9.1CVSS
9AI Score
0.003EPSS
An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error...
7.5CVSS
7.4AI Score
0.004EPSS
Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script...
5.5CVSS
5.5AI Score
0.001EPSS
Lua v5.4.3 and above are affected by SEGV by type confusion in funcnamefromcode function in ldebug.c which can cause a local denial of...
5.5CVSS
5.4AI Score
0.0004EPSS
Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a...
7.8CVSS
7.5AI Score
0.001EPSS
ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by...
5.3CVSS
5.5AI Score
0.005EPSS
An issue was discovered in Prosody before 0.11.9. It does not use a constant-time algorithm for comparing certain secret strings when running under Lua 5.2 or later. This can potentially be used in a timing attack to reveal the contents of secret strings to an...
5.9CVSS
6.1AI Score
0.004EPSS
An issue was discovered in Prosody before 0.11.9. Default settings are susceptible to remote unauthenticated denial-of-service (DoS) attacks via memory exhaustion when running under Lua 5.2 or Lua...
7.5CVSS
7.3AI Score
0.013EPSS
Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a debug.upvaluejoin call in which the arguments have certain...
7.5CVSS
7.3AI Score
0.03EPSS
Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or...
8.8CVSS
8.5AI Score
0.003EPSS
Buffer overflow in the vararg functions in ldo.c in Lua 5.1 through 5.2.x before 5.2.3 allows context-dependent attackers to cause a denial of service (crash) via a small number of arguments to a function with a large number of fixed...
8.6AI Score
0.003EPSS
Lua through 5.4.0 has a segmentation fault in changedline in ldebug.c (e.g., when called by luaG_traceexec) because it incorrectly expects that an oldpc value is always updated upon a return of the flow of control to a...
5.5CVSS
5.5AI Score
0.0004EPSS
In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer...
7.5CVSS
7.3AI Score
0.001EPSS
lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving...
5.3CVSS
5.3AI Score
0.001EPSS
Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script...
6.3CVSS
6.5AI Score
0.001EPSS
ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer...
7.5CVSS
7.3AI Score
0.001EPSS
Lua 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list...
9.8CVSS
9.4AI Score
0.004EPSS
openssl_x509_check_ip_asc in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return...
9.1CVSS
9.2AI Score
0.001EPSS
openssl_x509_check_email in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return...
9.1CVSS
9.2AI Score
0.001EPSS
openssl_x509_check_host in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return...
9.1CVSS
9.2AI Score
0.001EPSS