{"affected":[{"ecosystem_specific":{"binaries":[{"lua51-luajit":"2.1.0~beta2-150000.3.3.1","lua51-luajit-devel":"2.1.0~beta2-150000.3.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"lua51-luajit","purl":"pkg:rpm/opensuse/lua51-luajit&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.1.0~beta2-150000.3.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for lua51-luajit fixes the following issues:\n\n- CVE-2024-25176: Fixed stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c (bsc#1246077)\n- CVE-2024-25177: Fixed unsinking of IR_FSTORE for NULL metatable (bsc#1246078)\n- CVE-2024-25178: Fixed ut-of-bounds read in the stack-overflow handler in lj_state.c (bsc#1246079)\n","id":"SUSE-SU-2025:02886-1","modified":"2025-08-19T07:08:36Z","published":"2025-08-19T07:08:36Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202502886-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1246077"},{"type":"REPORT","url":"https://bugzilla.suse.com/1246078"},{"type":"REPORT","url":"https://bugzilla.suse.com/1246079"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-25176"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-25177"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-25178"}],"related":["CVE-2024-25176","CVE-2024-25177","CVE-2024-25178"],"summary":"Security update for lua51-luajit","upstream":["CVE-2024-25176","CVE-2024-25177","CVE-2024-25178"]}