CPE-41A4581C-9585-4320-916B-520C2E2F8872 Detail

CPE Details

Lua 5.4.0

Vendor

lua

Product

lua

Version

5.4.0

Created

2020-07-22
14h56 +00:00

Modified

2020-07-22
14h56 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:lua:lua:5.4.0:-::::::

Informations

Vendor

lua

Product

lua

Version

5.4.0

Update

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2022-28805	2022-04-07 22h00 +00:00	singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.	9.1	Critical
CVE-2021-44964	2022-03-14 13h24 +00:00	Use after free in garbage collector and finalizer of lgc.c in Lua interpreter 5.4.0~5.4.3 allows attackers to perform Sandbox Escape via a crafted script file.	6.3	Medium
CVE-2021-43519	2021-11-09 11h26 +00:00	Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 allows attackers to perform a Denial of Service via a crafted script file.	5.5	Medium
CVE-2021-32921	2021-05-13 13h14 +00:00	An issue was discovered in Prosody before 0.11.9. It does not use a constant-time algorithm for comparing certain secret strings when running under Lua 5.2 or later. This can potentially be used in a timing attack to reveal the contents of secret strings to an attacker.	5.9	Medium
CVE-2020-24369	2020-08-17 14h06 +00:00	ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference.	7.5	High
CVE-2020-24371	2020-08-17 14h06 +00:00	lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage.	5.3	Medium
CVE-2020-24370	2020-08-16 22h00 +00:00	ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).	5.3	Medium
CVE-2020-24342	2020-08-13 16h54 +00:00	Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row.	7.8	High
CVE-2020-15888	2020-07-21 19h36 +00:00	Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.	8.8	High
CVE-2020-15889	2020-07-21 19h35 +00:00	Lua 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list members.	9.8	Critical

Lua 5.4.0

CPE Details

CPE Name: cpe:2.3:a:lua:lua:5.4.0:-:*:*:*:*:*:*

Informations

Vendor

Product

Version

Update

Related CVE

CPE Name: cpe:2.3:a:lua:lua:5.4.0:-::::::