CVE-2020-15889
N/A
N/A
Summary
Lua 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list members.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://lua-users.org/lists/lua-l/2020-07/msg00078.html
- https://github.com/lua/lua/commit/127e7a6c8942b362aa3c6627f44d660a4fb75312
- http://lua-users.org/lists/lua-l/2020-12/msg00157.html
References
- http://lua-users.org/lists/lua-l/2020-07/msg00078.html
- https://github.com/lua/lua/commit/127e7a6c8942b362aa3c6627f44d660a4fb75312
- http://lua-users.org/lists/lua-l/2020-12/msg00157.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.