CVE-2020-9432
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-9432
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-9432.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2020-9432
- Published
- 2020-02-27T23:15:13Z
- Modified
- 2025-10-15T12:01:10.181812Z
- Severity
-
- 9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
- Summary
- [none]
- Details
-
opensslx509checkhost in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses luapushboolean for certain non-boolean return values.
- References
Affected packages
Git / github.com/zhaozg/lua-openssl
Affected ranges
- Type
- GIT
- Repo
- https://github.com/zhaozg/lua-openssl
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
0.*
0.1.0
0.1.1
0.1.2
0.2.0
0.4.1
0.5.0
0.5.1
0.6.0
0.7.0
0.7.1
0.7.3
0.7.4
0.7.5-1
0.7.5-2
0.7.6
0.7.6-0
0.7.7-0
0.7.7-1
Other
C_HAPPY
Database specific
vanir_signatures
[
{
"target": {
"file": "src/x509.c"
},
"id": "CVE-2020-9432-4cd06e71",
"digest": {
"threshold": 0.9,
"line_hashes": [
"22836928595141529191685066850239619692",
"106986599387145525724451224660792847728",
"74519493262181466487554845384721794197",
"280888697867625331802704877235200227850",
"154054483220335846088511579446771486198",
"267533254134363377221949607979454604173",
"204981990212129680332363758085545307157",
"98992530393241901116686313086310177480",
"199227878408358081214466100192279965724",
"263702157484803571036870144748488251008",
"114318720954917247870547837822146629124",
"158357684900794345507666529047056020078",
"286866290659580155390661045384064128722",
"62721994530567100456368683266321619178",
"338618646758722476582036498879945359214",
"21619890300510651674773521607288503115",
"8212954358513412705418709013267405046",
"280942455060433503104360855483769610810",
"154054483220335846088511579446771486198",
"140483780634121643654969306893870401393",
"250075708853721252695872960273065033465",
"42884903506212574266368785134170189183",
"163396166393160608506044128422848113751",
"191927627488366321391462267361978969928",
"114318720954917247870547837822146629124",
"158357684900794345507666529047056020078",
"286866290659580155390661045384064128722",
"62721994530567100456368683266321619178",
"19681102626805246663346430582904307565",
"204769768318649298398039653033569721668",
"170577991034165706602269700991028725584",
"173127064005335983533428555194088315219",
"154054483220335846088511579446771486198",
"131858774167645964644283333562486905539",
"123651588734344222801094137325714376389",
"217740108185072063595681728183804721025",
"66871048032382998330533506938251219862",
"16007539079517029650398958902187359152",
"114318720954917247870547837822146629124",
"158357684900794345507666529047056020078",
"286866290659580155390661045384064128722",
"62721994530567100456368683266321619178",
"239742531813508266450201264989882792971",
"333821922633842582382169847452655361403",
"205597527275293017208162709560329350674",
"125826910505508727062612260713313689546",
"92283327004125836655248403816180716048",
"88926759931379200059650330603768468238",
"305696137179422424732345674295111661694",
"273356457451933493806803886546582776432",
"806049896540884234618375034756838632",
"232002524926097764894727784569915899436",
"77000589996979842036546471927252202210"
]
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/zhaozg/lua-openssl/commit/a6dc186dd4b6b9e329a93cca3e7e3cfccfdf3cca",
"signature_type": "Line"
},
{
"target": {
"function": "LUA_FUNCTION",
"file": "src/x509.c"
},
"id": "CVE-2020-9432-69676495",
"digest": {
"function_hash": "210547734265287479549050857811642547746",
"length": 236.0
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/zhaozg/lua-openssl/commit/a6dc186dd4b6b9e329a93cca3e7e3cfccfdf3cca",
"signature_type": "Function"
},
{
"target": {
"function": "luaopen_x509",
"file": "src/x509.c"
},
"id": "CVE-2020-9432-7fad6c9f",
"digest": {
"function_hash": "259637873822822212959615126157613673457",
"length": 650.0
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/zhaozg/lua-openssl/commit/a6dc186dd4b6b9e329a93cca3e7e3cfccfdf3cca",
"signature_type": "Function"
},
{
"target": {
"function": "LUA_FUNCTION",
"file": "src/x509.c"
},
"id": "CVE-2020-9432-93b7a8a3",
"digest": {
"function_hash": "252935993758650179501788748738468892715",
"length": 255.0
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/zhaozg/lua-openssl/commit/a6dc186dd4b6b9e329a93cca3e7e3cfccfdf3cca",
"signature_type": "Function"
},
{
"target": {
"function": "LUA_FUNCTION",
"file": "src/x509.c"
},
"id": "CVE-2020-9432-b3ef22ba",
"digest": {
"function_hash": "44989120962245007864346131133540376789",
"length": 262.0
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/zhaozg/lua-openssl/commit/a6dc186dd4b6b9e329a93cca3e7e3cfccfdf3cca",
"signature_type": "Function"
}
]