CVE-2020-15945

MEDIUM5.5EPSS 0.16%

發布日:2020/7/24修改日:2026/4/28

也稱為:DEBIAN-CVE-2020-15945

描述

Lua 5.4.0 (fixed in 5.4.1) has a segmentation fault in changedline in ldebug.c (e.g., when called by luaG_traceexec) because it incorrectly expects that an oldpc value is always updated upon a return of the flow of control to a function.

受影響套件(2)

Bitnami/lua>= 5.3.1, < 5.4.0
Debian/lua5.4from 0, < 5.4.1-1

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	MEDIUM5.5	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

參考連結(5)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2020-15945
WEBhttp://lua-users.org/lists/lua-l/2020-07/msg00123.html
WEBhttps://github.com/lua/lua/commit/a2195644d89812e5b157ce7bac35543e06db05e3
WEBhttps://nvd.nist.gov/vuln/detail/CVE-2020-15945
WEBhttps://www.lua.org/bugs.html#5.4.0-8