Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:conan/lua@5.4.4
purl pkg:conan/lua@5.4.4
Tags Ghost
Next non-vulnerable version 5.4.6
Latest non-vulnerable version 5.4.6
Risk 2.8
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-genu-xfqb-ryfk
Aliases:
CVE-2022-28805
Out-of-bounds Read singlevar in lparser.c in Lua through 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code. There are no reported fixed by versions.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-02T04:44:28.543747+00:00 GitLab Importer Fixing VCID-h37s-ads2-zugj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/lua/CVE-2021-45985.yml 38.6.0
2026-06-02T04:42:00.147719+00:00 GitLab Importer Affected by VCID-genu-xfqb-ryfk https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/lua/CVE-2022-28805.yml 38.6.0
2026-06-02T04:41:47.937413+00:00 GitLab Importer Fixing VCID-pdpa-5dks-u7a9 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/lua/CVE-2021-44964.yml 38.6.0
2026-06-02T04:40:56.052082+00:00 GitLab Importer Fixing VCID-sypb-grma-cfhq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/lua/CVE-2021-44647.yml 38.6.0
2026-06-02T04:40:22.330920+00:00 GitLab Importer Fixing VCID-9hw6-zjwq-83gr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/lua/CVE-2021-43519.yml 38.6.0