Lucene search
GoogleOSV:CVE-2022-28805HistoryApr 08, 2022 - 6:15 a.m.
CVE-2022-28805
2022-04-0806:15:07
Google
osv.dev
31
lua
heap-based buffer
cve-2022-28805
lparser.c
lua code compilation
EPSS
0.003
Percentile
68.4%
singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.
References
github.com/lua/lua/commit/1f3c6f4534c6411313361697d98d1145a1f030fa
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RJNJ66IFDUKWJJZXHGOLRGIA3HWWC36R/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHYZOEFDVLVAD6EEP4CDW6DNONIVVHPA/
lua-users.org/lists/lua-l/2022-02/msg00001.html
lua-users.org/lists/lua-l/2022-02/msg00070.html
lua-users.org/lists/lua-l/2022-04/msg00009.html
security.gentoo.org/glsa/202305-23
Related
veracode
veracode
Denial Of Service (DoS)
2022-05-02 12:21:44
ibm
ibm
cvelist
cvelist
CVE-2022-28805
2022-04-08 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0386
2022-04-22 00:00:00
Critical Photon OS Security Update - PHSA-2022-0173
2022-04-21 00:00:00
Critical Photon OS Security Update - PHSA-2022-3.0-0386
2022-04-22 00:00:00
nvd
nvd
CVE-2022-28805
2022-04-08 06:15:07
prion
prion
Heap overflow
2022-04-08 06:15:00
cbl_mariner
cbl_mariner
CVE-2022-28805 affecting package ntopng for versions less than 5.2.1-3
2024-06-21 09:32:44
CVE-2022-28805 affecting package lua for versions less than 5.4.3-2
2022-06-03 17:54:02
CVE-2022-28805 affecting package lua for versions less than 5.4.4-2
2024-03-19 17:21:46
alpinelinux
alpinelinux
CVE-2022-28805
2022-04-08 06:15:07
osv
osv
Low: lua security update
2023-05-09 00:00:00
CGA-jp27-33wv-v9qj
2024-06-06 12:26:07
BIT-lua-2022-28805
2024-03-06 10:55:38
nessus
nessus
CentOS 9 : lua-5.4.4-3.el9
2024-02-29 00:00:00
CBL Mariner 2.0 Security Update: lua (CVE-2022-28805)
2023-03-20 00:00:00
AlmaLinux 9 : lua (ALSA-2023:2582)
2023-05-14 00:00:00
oraclelinux
oraclelinux
lua security update
2023-05-15 00:00:00
redhatcve
redhatcve
CVE-2022-28805
2022-04-11 05:14:48
ubuntucve
ubuntucve
CVE-2022-28805
2022-04-08 00:00:00
cve
cve
CVE-2022-28805
2022-04-08 06:15:07
almalinux
almalinux
Low: lua security update
2023-05-09 00:00:00
debiancve
debiancve
CVE-2022-28805
2022-04-08 06:15:07
redhat
redhat
(RHSA-2023:2582) Low: lua security update
2023-05-09 05:15:07
(RHSA-2023:3905) Important: Network observability 1.3.0 for Openshift
2023-06-28 15:41:08
fedora
fedora
[SECURITY] Fedora 35 Update: lua-5.4.4-3.fc35
2022-08-04 01:37:59
[SECURITY] Fedora 36 Update: lua-5.4.4-3.fc36
2022-07-26 16:15:00
openvas
openvas
Fedora: Security Advisory for lua (FEDORA-2022-b9ed35a7ad)
2022-07-27 00:00:00
Fedora: Security Advisory for lua (FEDORA-2022-5b5889f43a)
2022-08-05 00:00:00
Ubuntu: Security Advisory (USN-6916-1)
2024-07-30 00:00:00
ubuntu
ubuntu
Lua vulnerabilities
2024-07-29 00:00:00
gentoo
gentoo
Lua: Multiple Vulnerabilities
2023-05-03 00:00:00