CLSA-2026-1777976277

Import Source

JSON Data

https://api.test.osv.dev/v1/vulns/CLSA-2026-1777976277

Upstream

Published

2026-05-20T10:32:56Z

Modified

2026-06-04T09:45:22.242147711Z

Summary

Fix CVE(s): CVE-2022-24834

Details

SECURITY UPDATE: Integer overflow in Lua cmsgpack library
- debian/patches/CVE-2022-24834.patch: partial backport hardening deps/lua/src/luacmsgpack.c against integer overflows in mpbufappend and the encode/decode helpers (cmsgpack-only; the cjson half of the upstream fix is dead code under USESYSTEM_LUA=yes and is tracked via the lua-cjson source package)
- CVE-2022-24834

References

Affected packages

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5:5.0.14-1+deb10u5+tuxcare.els2

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1777976277.json"

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5:5.0.14-1+deb10u5+tuxcare.els2

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1777976277.json"

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5:5.0.14-1+deb10u5+tuxcare.els2

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1777976277.json"

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5:5.0.14-1+deb10u5+tuxcare.els2

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1777976277.json"