Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-24370 (GCVE-0-2020-24370)
Vulnerability from cvelistv5 – Published: 2020-08-17 00:00 – Updated: 2024-08-04 15:12- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:12:08.645Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://lua-users.org/lists/lua-l/2020-07/msg00324.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b"
},
{
"name": "FEDORA-2020-d7ed9f18ff",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QXYMCIUNGK26VHAYHGP5LPW56G2KWOHQ/"
},
{
"name": "FEDORA-2020-c83556709c",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6KONNG6UEI3FMEOY67NDZC32NBGBI44/"
},
{
"name": "[debian-lts-announce] 20200926 [SECURITY] [DLA 2381-1] lua5.3 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00019.html"
},
{
"name": "[debian-lts-announce] 20230622 [SECURITY] [DLA 3469-1] lua5.3 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00031.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-23T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "http://lua-users.org/lists/lua-l/2020-07/msg00324.html"
},
{
"url": "https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b"
},
{
"name": "FEDORA-2020-d7ed9f18ff",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QXYMCIUNGK26VHAYHGP5LPW56G2KWOHQ/"
},
{
"name": "FEDORA-2020-c83556709c",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6KONNG6UEI3FMEOY67NDZC32NBGBI44/"
},
{
"name": "[debian-lts-announce] 20200926 [SECURITY] [DLA 2381-1] lua5.3 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00019.html"
},
{
"name": "[debian-lts-announce] 20230622 [SECURITY] [DLA 3469-1] lua5.3 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00031.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-24370",
"datePublished": "2020-08-17T00:00:00.000Z",
"dateReserved": "2020-08-17T00:00:00.000Z",
"dateUpdated": "2024-08-04T15:12:08.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2020-24370
Vulnerability from fkie_nvd - Published: 2020-08-17 17:15 - Updated: 2026-06-17 03:05| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://lua-users.org/lists/lua-l/2020-07/msg00324.html | Exploit, Mailing List, Vendor Advisory | |
| cve@mitre.org | https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b | Patch, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2020/09/msg00019.html | Mailing List, Third Party Advisory | |
| cve@mitre.org | https://lists.debian.org/debian-lts-announce/2023/06/msg00031.html | Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6KONNG6UEI3FMEOY67NDZC32NBGBI44/ | Third Party Advisory | |
| cve@mitre.org | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QXYMCIUNGK26VHAYHGP5LPW56G2KWOHQ/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lua-users.org/lists/lua-l/2020-07/msg00324.html | Exploit, Mailing List, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2020/09/msg00019.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/06/msg00031.html | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6KONNG6UEI3FMEOY67NDZC32NBGBI44/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QXYMCIUNGK26VHAYHGP5LPW56G2KWOHQ/ | Third Party Advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| lua | lua | 5.2.0 | |
| lua | lua | 5.2.0 | |
| lua | lua | 5.2.0 | |
| lua | lua | 5.2.1 | |
| lua | lua | 5.2.2 | |
| lua | lua | 5.2.3 | |
| lua | lua | 5.3.0 | |
| lua | lua | 5.3.0 | |
| lua | lua | 5.3.0 | |
| lua | lua | 5.3.1 | |
| lua | lua | 5.3.2 | |
| lua | lua | 5.3.3 | |
| lua | lua | 5.3.4 | |
| lua | lua | 5.3.5 | |
| lua | lua | 5.4.0 | |
| lua | lua | 5.4.0 | |
| lua | lua | 5.4.0 | |
| fedoraproject | fedora | 31 | |
| fedoraproject | fedora | 32 | |
| debian | debian_linux | 9.0 |
{
"affected": [
{
"affectedData": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"source": "cve@mitre.org"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lua:lua:5.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F41B4A37-B7E5-4405-B5EA-5F1832AF02E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lua:lua:5.2.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "A2191642-D493-4813-87BF-20AD2E63A2AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lua:lua:5.2.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "D810ACDB-A811-4B70-AA77-E724CD0242B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lua:lua:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "74A8D450-9B86-43DC-93A1-F68E42391948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lua:lua:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2293D8C6-2D69-49EF-8BB9-F5222951386B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lua:lua:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "25977A23-CF7A-4C39-8F0D-38E958E92F75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lua:lua:5.3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "6820CE33-926F-477F-A99E-153E88BD5248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lua:lua:5.3.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "4D651FE4-77A4-47CC-8EC6-FB8D35A2316F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lua:lua:5.3.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "9CBD494F-5C56-4472-9C02-09A14222E024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lua:lua:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED403C07-5D1C-4027-9A07-DD7AC4B9442E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lua:lua:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A69EE245-6921-4EC4-B052-558A3BA259E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lua:lua:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4DE6741D-A69C-4D2E-B5C9-EC44792BA871",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lua:lua:5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AE86E188-EB0F-4D54-B1E7-0213C099DAB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lua:lua:5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B1D6D7F5-0738-45EB-A4F2-9A65F8DD2D0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lua:lua:5.4.0:-:*:*:*:*:*:*",
"matchCriteriaId": "E9F78BF8-B73C-42C6-AF54-2CD935670053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lua:lua:5.4.0:alpha:*:*:*:*:*:*",
"matchCriteriaId": "F49EE868-BA14-48D2-9C97-B52E6576EC62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lua:lua:5.4.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "C9117B51-57B0-4648-B937-69A6DAC06134",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31)."
},
{
"lang": "es",
"value": "El archivo ldebug.c en Lua versi\u00f3n 5.4.0, permite un desbordamiento de negaci\u00f3n y un error de segmentaci\u00f3n en getlocal y setlocal, como es demostrado por getlocal (3,2^31)."
}
],
"id": "CVE-2020-24370",
"lastModified": "2026-06-17T03:05:26.830",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-17T17:15:13.877",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "http://lua-users.org/lists/lua-l/2020-07/msg00324.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00019.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00031.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6KONNG6UEI3FMEOY67NDZC32NBGBI44/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QXYMCIUNGK26VHAYHGP5LPW56G2KWOHQ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "http://lua-users.org/lists/lua-l/2020-07/msg00324.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6KONNG6UEI3FMEOY67NDZC32NBGBI44/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QXYMCIUNGK26VHAYHGP5LPW56G2KWOHQ/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-191"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTFR-2022-AVI-386
Vulnerability from certfr_avis - Published: 2022-04-26 - Updated: 2022-04-26
De multiples vulnérabilités ont été découvertes dans IBM QRadar SIEM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
None| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar SIEM | IBM QRadar SIEM version 7.5.0 antérieure à 7.5.0 UP1 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions 7.4.3 antérieures à 7.4.3 FP5 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions 7.3.3 antérieures à 7.3.3 FP11 |
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM QRadar SIEM version 7.5.0 ant\u00e9rieure \u00e0 7.5.0 UP1",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions 7.4.3 ant\u00e9rieures \u00e0 7.4.3 FP5",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions 7.3.3 ant\u00e9rieures \u00e0 7.3.3 FP11",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2021-22898",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22898"
},
{
"name": "CVE-2021-3200",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3200"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2021-22925",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
},
{
"name": "CVE-2020-8022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8022"
},
{
"name": "CVE-2021-38919",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38919"
},
{
"name": "CVE-2021-42340",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42340"
},
{
"name": "CVE-2021-33929",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33929"
},
{
"name": "CVE-2021-20231",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20231"
},
{
"name": "CVE-2021-38939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38939"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2021-38874",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38874"
},
{
"name": "CVE-2021-41182",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41182"
},
{
"name": "CVE-2021-33928",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33928"
},
{
"name": "CVE-2021-36086",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36086"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2019-17594",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17594"
},
{
"name": "CVE-2021-38869",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38869"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2021-2432",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2432"
},
{
"name": "CVE-2021-22946",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
},
{
"name": "CVE-2020-9488",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9488"
},
{
"name": "CVE-2020-24370",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24370"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2021-41184",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41184"
},
{
"name": "CVE-2021-33813",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33813"
},
{
"name": "CVE-2021-41183",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41183"
},
{
"name": "CVE-2021-3445",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3445"
},
{
"name": "CVE-2020-16135",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16135"
},
{
"name": "CVE-2021-36085",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36085"
},
{
"name": "CVE-2021-29776",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29776"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2019-17595",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17595"
},
{
"name": "CVE-2021-23214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23214"
},
{
"name": "CVE-2021-33930",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33930"
},
{
"name": "CVE-2021-41035",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41035"
},
{
"name": "CVE-2021-20232",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20232"
},
{
"name": "CVE-2021-28153",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28153"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2021-27218",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27218"
},
{
"name": "CVE-2021-33560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33560"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2022-22345",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22345"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2021-38878",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38878"
},
{
"name": "CVE-2021-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36087"
},
{
"name": "CVE-2020-12762",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12762"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2021-22096",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22096"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2021-36084",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36084"
},
{
"name": "CVE-2021-22876",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22876"
},
{
"name": "CVE-2021-3580",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3580"
},
{
"name": "CVE-2021-33938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33938"
}
],
"initial_release_date": "2022-04-26T00:00:00",
"last_revision_date": "2022-04-26T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-386",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-04-26T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar SIEM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar SIEM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6574453 du 25 avril 2022",
"url": "https://www.ibm.com/support/pages/node/6574453"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6574787 du 25 avril 2022",
"url": "https://www.ibm.com/support/pages/node/6574787"
}
]
}
GHSA-GFR4-C37G-MM3V
Vulnerability from github – Published: 2022-05-24 17:26 – Updated: 2024-09-09 15:30ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).
{
"affected": [],
"aliases": [
"CVE-2020-24370"
],
"database_specific": {
"cwe_ids": [
"CWE-191"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-08-17T17:15:00Z",
"severity": "MODERATE"
},
"details": "ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).",
"id": "GHSA-gfr4-c37g-mm3v",
"modified": "2024-09-09T15:30:37Z",
"published": "2022-05-24T17:26:02Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24370"
},
{
"type": "WEB",
"url": "https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00019.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00031.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6KONNG6UEI3FMEOY67NDZC32NBGBI44"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QXYMCIUNGK26VHAYHGP5LPW56G2KWOHQ"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E6KONNG6UEI3FMEOY67NDZC32NBGBI44"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXYMCIUNGK26VHAYHGP5LPW56G2KWOHQ"
},
{
"type": "WEB",
"url": "http://lua-users.org/lists/lua-l/2020-07/msg00324.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
bit-lua-2020-24370
Vulnerability from bitnami_vulndb
ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "lua",
"purl": "pkg:bitnami/lua"
},
"ranges": [
{
"events": [
{
"introduced": "5.2.0"
},
{
"fixed": "5.2.4"
},
{
"introduced": "5.3.0"
},
{
"fixed": "5.3.6"
},
{
"introduced": "5.4.0"
},
{
"fixed": "5.4.1"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
],
"aliases": [
"CVE-2020-24370"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:lua:lua:5.4.0:-:*:*:*:*:*:*",
"cpe:2.3:a:lua:lua:5.2.0:-:*:*:*:*:*:*",
"cpe:2.3:a:lua:lua:5.2.0:alpha:*:*:*:*:*:*",
"cpe:2.3:a:lua:lua:5.2.0:beta:*:*:*:*:*:*",
"cpe:2.3:a:lua:lua:5.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:lua:lua:5.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:lua:lua:5.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:lua:lua:5.3.0:-:*:*:*:*:*:*",
"cpe:2.3:a:lua:lua:5.3.0:alpha:*:*:*:*:*:*",
"cpe:2.3:a:lua:lua:5.3.0:beta:*:*:*:*:*:*",
"cpe:2.3:a:lua:lua:5.3.1:*:*:*:*:*:*:*",
"cpe:2.3:a:lua:lua:5.3.2:*:*:*:*:*:*:*",
"cpe:2.3:a:lua:lua:5.3.3:*:*:*:*:*:*:*",
"cpe:2.3:a:lua:lua:5.3.4:*:*:*:*:*:*:*",
"cpe:2.3:a:lua:lua:5.3.5:*:*:*:*:*:*:*",
"cpe:2.3:a:lua:lua:5.4.0:alpha:*:*:*:*:*:*",
"cpe:2.3:a:lua:lua:5.4.0:beta:*:*:*:*:*:*",
"cpe:2.3:a:lua:lua:*:*:*:*:*:*:*:*"
],
"severity": "Medium"
},
"details": "ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).",
"id": "BIT-lua-2020-24370",
"modified": "2026-01-08T18:07:34.629Z",
"published": "2024-03-06T10:56:50.799Z",
"references": [
{
"type": "WEB",
"url": "http://lua-users.org/lists/lua-l/2020-07/msg00324.html"
},
{
"type": "WEB",
"url": "https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00019.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00031.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6KONNG6UEI3FMEOY67NDZC32NBGBI44/"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QXYMCIUNGK26VHAYHGP5LPW56G2KWOHQ/"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24370"
}
],
"schema_version": "1.5.0"
}
GSD-2020-24370
Vulnerability from gsd - Updated: 2023-12-13 01:22{
"GSD": {
"alias": "CVE-2020-24370",
"description": "ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).",
"id": "GSD-2020-24370",
"references": [
"https://www.suse.com/security/cve/CVE-2020-24370.html",
"https://access.redhat.com/errata/RHSA-2021:4510",
"https://advisories.mageia.org/CVE-2020-24370.html",
"https://linux.oracle.com/cve/CVE-2020-24370.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-24370"
],
"details": "ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).",
"id": "GSD-2020-24370",
"modified": "2023-12-13T01:22:12.745747Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-24370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lua-users.org/lists/lua-l/2020-07/msg00324.html",
"refsource": "MISC",
"url": "http://lua-users.org/lists/lua-l/2020-07/msg00324.html"
},
{
"name": "https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b",
"refsource": "MISC",
"url": "https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b"
},
{
"name": "FEDORA-2020-d7ed9f18ff",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXYMCIUNGK26VHAYHGP5LPW56G2KWOHQ/"
},
{
"name": "FEDORA-2020-c83556709c",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E6KONNG6UEI3FMEOY67NDZC32NBGBI44/"
},
{
"name": "[debian-lts-announce] 20200926 [SECURITY] [DLA 2381-1] lua5.3 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00019.html"
},
{
"name": "[debian-lts-announce] 20230622 [SECURITY] [DLA 3469-1] lua5.3 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00031.html"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "=5.4.0",
"affected_versions": "Version 5.4.0",
"cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"cwe_ids": [
"CWE-1035",
"CWE-191",
"CWE-937"
],
"date": "2020-09-26",
"description": "`ldebug.c` allows a negation overflow and segmentation fault in `getlocal` and `setlocal`.",
"fixed_versions": [],
"identifier": "CVE-2020-24370",
"identifiers": [
"CVE-2020-24370"
],
"not_impacted": "",
"package_slug": "conan/lua",
"pubdate": "2020-08-17",
"solution": "Unfortunately, there is no solution available yet.",
"title": "Integer Underflow (Wrap or Wraparound)",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-24370",
"http://lua-users.org/lists/lua-l/2020-07/msg00324.html"
],
"uuid": "4ce42cff-a0ce-420c-9d0d-63363b62b1e7"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:lua:lua:5.4.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-24370"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-191"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b"
},
{
"name": "http://lua-users.org/lists/lua-l/2020-07/msg00324.html",
"refsource": "MISC",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
],
"url": "http://lua-users.org/lists/lua-l/2020-07/msg00324.html"
},
{
"name": "FEDORA-2020-d7ed9f18ff",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXYMCIUNGK26VHAYHGP5LPW56G2KWOHQ/"
},
{
"name": "FEDORA-2020-c83556709c",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E6KONNG6UEI3FMEOY67NDZC32NBGBI44/"
},
{
"name": "[debian-lts-announce] 20200926 [SECURITY] [DLA 2381-1] lua5.3 security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00019.html"
},
{
"name": "[debian-lts-announce] 20230622 [SECURITY] [DLA 3469-1] lua5.3 security update",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00031.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
},
"lastModifiedDate": "2023-06-23T01:15Z",
"publishedDate": "2020-08-17T17:15Z"
}
}
}
CVE-2020-24370
Vulnerability from fstec - Published: 03.10.2020{
"CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Software in the Public Interest Inc., \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "9 (Debian GNU/Linux), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 2.12 \u00ab\u041e\u0440\u0451\u043b\u00bb (Astra Linux Common Edition), 8 (Debian GNU/Linux), 10 (Debian GNU/Linux), 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb), 5.4.0 (Lua), 7.3 (\u0420\u0415\u0414 \u041e\u0421), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f Lua:\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b\n\n\u0414\u043b\u044f Debian:\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://security-tracker.debian.org/tracker/CVE-2020-24370\n\n\u0414\u043b\u044f Astra Linux:\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20210730SE16\nhttps://wiki.astralinux.ru/pages/viewpage.action?pageId=47416144\nhttps://wiki.astralinux.ru/astra-linux-se81-bulletin-20211019SE81\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux Special Edition 1.7:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 lua5.3 \u0434\u043e 5.3.3-1.1+deb10u1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f lua5.3 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 5.3.3-1osnova3\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 lua5.3 \u0434\u043e 5.3.3-1.1+deb10u1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-0416SE47\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: \nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "03.10.2020",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "04.02.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "20.07.2021",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2021-03735",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2020-24370",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Astra Linux Common Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), Lua, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Common Edition 2.12 \u00ab\u041e\u0440\u0451\u043b\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), Software in the Public Interest Inc. Lua 5.4.0 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 ldebug.c \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0442\u043e\u0440\u0430 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432 Lua, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u043e\u0439 \u043f\u043e\u0442\u0435\u0440\u0435\u0439 \u0437\u043d\u0430\u0447\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0426\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u0430\u044f \u043f\u043e\u0442\u0435\u0440\u044f \u0437\u043d\u0430\u0447\u0438\u043c\u043e\u0441\u0442\u0438 (\u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u0438\u043b\u0438 \u0446\u0438\u043a\u043b\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0441\u0434\u0432\u0438\u0433) (CWE-191)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 ldebug.c \u0438\u043d\u0442\u0435\u0440\u043f\u0440\u0435\u0442\u0430\u0442\u043e\u0440\u0430 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432 Lua \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u043e\u0439 \u043f\u043e\u0442\u0435\u0440\u0435\u0439 \u0437\u043d\u0430\u0447\u0438\u043c\u043e\u0441\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://lua-users.org/lists/lua-l/2020-07/msg00324.html\nhttps://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-24370\nhttps://security-tracker.debian.org/tracker/CVE-2020-24370\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20210611SE16\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20210730SE16\nhttps://wiki.astralinux.ru/pages/viewpage.action?pageId=47416144\nhttps://wiki.astralinux.ru/astra-linux-se81-bulletin-20211019SE81\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-1023SE17\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2024-0416SE47\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-191",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,3)"
}
CNVD-2020-49575
Vulnerability from cnvd - Published: 2020-08-31厂商已发布了漏洞修复程序,请及时关注更新: https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b
| Name | Lua Lua 5.4.0 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2020-24370",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-24370"
}
},
"description": "Lua\u662f\u4e00\u79cd\u8f7b\u91cf\u7ea7\u3001\u591a\u8303\u5f0f\u7f16\u7a0b\u8bed\u8a00\u3002\n\nLua 5.4.0\u4e2d\u7684ldebug.c\u4e2d\u7684getlocal\u548csetlocal\u5b58\u5728\u6570\u5b57\u9519\u8bef\u6f0f\u6d1e\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2020-49575",
"openTime": "2020-08-31",
"patchDescription": "Lua\u662f\u4e00\u79cd\u8f7b\u91cf\u7ea7\u3001\u591a\u8303\u5f0f\u7f16\u7a0b\u8bed\u8a00\u3002\r\n\r\nLua 5.4.0\u4e2d\u7684ldebug.c\u4e2d\u7684getlocal\u548csetlocal\u5b58\u5728\u6570\u5b57\u9519\u8bef\u6f0f\u6d1e\u3002\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Lua\u6570\u5b57\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Lua Lua 5.4.0"
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-24370",
"serverity": "\u4e2d",
"submitTime": "2020-08-18",
"title": "Lua\u6570\u5b57\u9519\u8bef\u6f0f\u6d1e"
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.