Security Advisory

CVE-2022-28805

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-04-08 00:00:00

Last updated 2024-08-03 06:03:53

Assigner mitre

State PUBLISHED

Description

singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.

← Browse all CVEs View on cve.org ↗