CVE-2020-24342
Published
CVSS v3
7.8
HIGH
CVSS v2
6.8
MEDIUM
Affected
1
PROJECT
Description
Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row.
A copy of the Lua development repository, as seen by the Lua team. Mirrored irregularly. All communication should be through the Lua mailing list https://www.lua.org/lua-l.html
GitHub