CVE-2020-15888

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Lua versions prior to 5.4.0

Description The issue is related to how Lua handles the interaction between stack resizes and garbage collection, leading to potential heap-based buffer overflow, heap-based buffer over-read, or use-after-free.

Recommendations For versions prior to 5.4.0, update to version 5.4.0 or later to resolve the issue.

Exploit

Fix

Out of bounds Read

Use After Free

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-416CWE-787

Related Identifiers

AZL-6670

BIT-LUA-2020-15888

CVE-2020-15888

OPENSUSE-SU-2024:11029-1

OPENSUSE-SU-2025:15401-1

Affected Products

Lua

CVE-2020-15888

Weakness Enumeration

Related Identifiers

Affected Products

References · 22