CVE-2020-15888

Published: Jul 21, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/lua/lua/commit/eb41999461b6f428186c55abd95f4ce1a76217d5

x_refsource_MISC

https://github.com/lua/lua/commit/6298903e35217ab69c279056f925fb72900ce0b7

x_refsource_MISC

http://lua-users.org/lists/lua-l/2020-07/msg00053.html

x_refsource_MISC

http://lua-users.org/lists/lua-l/2020-07/msg00054.html

x_refsource_MISC

http://lua-users.org/lists/lua-l/2020-07/msg00071.html

x_refsource_MISC

http://lua-users.org/lists/lua-l/2020-07/msg00079.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-15888

Description

Affected Products

References