CVE-2021-43519: Out-of-bounds Write

November 9, 2021 (updated November 7, 2023)

Stack overflow in lua_resume of ldo.c in Lua Interpreter allows attackers to perform a Denial of Service via a crafted script file.

References

lua-users.org/lists/lua-l/2021-10/msg00123.html
lua-users.org/lists/lua-l/2021-11/msg00015.html
nvd.nist.gov/vuln/detail/CVE-2021-43519

Code Behaviors & Features

Detect and mitigate CVE-2021-43519 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →