Search
Total
13 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-1934 | 1 Mruby | 1 Mruby | 2022-06-08 | 4.6 MEDIUM | 7.8 HIGH |
| Use After Free in GitHub repository mruby/mruby prior to 3.2. | |||||
| CVE-2018-14337 | 2 Debian, Mruby | 2 Debian Linux, Mruby | 2022-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrb_str_resize function in string.c does not check for a negative length. | |||||
| CVE-2018-12249 | 2 Debian, Mruby | 2 Debian Linux, Mruby | 2022-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class_real because "class BasicObject" is not properly supported in class.c. | |||||
| CVE-2017-9527 | 2 Debian, Mruby | 2 Debian Linux, Mruby | 2022-05-12 | 6.8 MEDIUM | 7.8 HIGH |
| The mark_context_stack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service (heap-based use-after-free and application crash) or possibly have unspecified other impact via a crafted .rb file. | |||||
| CVE-2022-0630 | 1 Mruby | 1 Mruby | 2022-02-28 | 5.8 MEDIUM | 7.1 HIGH |
| Out-of-bounds Read in Homebrew mruby prior to 3.2. | |||||
| CVE-2022-0481 | 1 Mruby | 1 Mruby | 2022-02-10 | 7.8 HIGH | 7.5 HIGH |
| NULL Pointer Dereference in Homebrew mruby prior to 3.2. | |||||
| CVE-2022-0240 | 1 Mruby | 1 Mruby | 2022-01-24 | 5.0 MEDIUM | 7.5 HIGH |
| mruby is vulnerable to NULL Pointer Dereference | |||||
| CVE-2021-46020 | 1 Mruby | 1 Mruby | 2022-01-20 | 5.0 MEDIUM | 7.5 HIGH |
| An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can lead to a segmentation fault or application crash. | |||||
| CVE-2021-4188 | 1 Mruby | 1 Mruby | 2022-01-06 | 5.0 MEDIUM | 7.5 HIGH |
| mruby is vulnerable to NULL Pointer Dereference | |||||
| CVE-2021-4110 | 1 Mruby | 1 Mruby | 2021-12-15 | 5.0 MEDIUM | 7.5 HIGH |
| mruby is vulnerable to NULL Pointer Dereference | |||||
| CVE-2020-36401 | 2 Linux, Mruby | 2 Linux Kernel, Mruby | 2021-07-06 | 6.8 MEDIUM | 7.8 HIGH |
| mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free). | |||||
| CVE-2018-12248 | 1 Mruby | 1 Mruby | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in mruby 1.4.1. There is a heap-based buffer over-read associated with OP_ENTER because mrbgems/mruby-fiber/src/fiber.c does not extend the stack in cases of many arguments to fiber. | |||||
| CVE-2018-12247 | 1 Mruby | 1 Mruby | 2018-08-01 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class, related to certain .clone usage, because mrb_obj_clone in kernel.c copies flags other than the MRB_FLAG_IS_FROZEN flag (e.g., the embedded flag). | |||||