NPLRuntime icon indicating copy to clipboard operation
NPLRuntime copied to clipboard
verified publisher icon LiXizhi

Potential Vulnerability in Cloned Code

Open tabudz opened this issue 2 months ago • 0 comments

Summary

Our tool detected a potential vulnerability in Client/trunk/externals/bullet3/btgui/lua-5.2.3/src/lparser.c which was cloned from lua/lua but did not receive the security patch applied in lua/lua. The original issue was reported and fixed under https://nvd.nist.gov/vuln/detail/cve-2022-28805.

Proposed Fix

Apply the same patch as the one in lua/lua to eliminate the vulnerability.

Reference

https://nvd.nist.gov/vuln/detail/cve-2022-28805 https://github.com/lua/lua/commit/1f3c6f4534c6411313361697d98d1145a1f030fa

tabudz avatar Oct 27 '25 04:10 tabudz