VDB

CVE-2020-15889

CVE-2020-15889 PUBLISHED

Lua 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list members.

EPSS 0.51% · 66.8th percentile

Risk Scores

EPSS Score
0.51%
66.8th percentile

Affected Products

VendorProductVersions
Bitnamilua5.4.0
Bitnamilua5.4.0

Timeline

  • Jul 21, 2020 CVE Published
  • Dec 23, 2020 CVE Updated
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›