LuaRocks vulnerabilities

LuaRocksĀ vulnerabilities

Package management systems have become an integral part of development. But their security does not get enough attention. Speakers will talk about the LuaRocks package repository popular with those developing in Lua. It was never mentioned in security newsletters before. They will explain a major vulnerability which could allow to seize any account on luarocks.org and compromise all packages. They will also demonstrate exploitation of the vulnerability.

B1bc3dcad1ed97ff739e254269b7b2df?s=128

Canis Majoris

May 21, 2019
Tweet