bullet3 icon indicating copy to clipboard operation
bullet3 copied to clipboard
verified publisher icon bulletphysics

Fix: Potential Vulnerability in Cloned Function

Open tabudz opened this issue 10 months ago • 0 comments

Description This PR fixes a security vulnerability in luaD_shrinkstack() that was cloned from lua but did not receive the security patch. The original issue was reported and fixed under https://github.com/lua/lua/commit/6298903e35217ab69c279056f925fb72900ce0b7. This PR applies the same patch to eliminate the vulnerability.

References https://nvd.nist.gov/vuln/detail/CVE-2020-15888 https://github.com/lua/lua/commit/6298903e35217ab69c279056f925fb72900ce0b7

tabudz avatar Feb 27 '25 04:02 tabudz