Mruby
by Mruby
Source repositories
CVEs (43)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-0631 | 0.00 | — | 0.01 | Feb 18, 2022 | Heap-based Buffer Overflow in Homebrew mruby prior to 3.2. | |||
| CVE-2022-0623 | 0.00 | — | 0.02 | Feb 17, 2022 | Out-of-bounds Read in Homebrew mruby prior to 3.2. | |||
| CVE-2022-0614 | 0.00 | — | 0.01 | Feb 16, 2022 | Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2. | |||
| CVE-2022-0570 | 0.00 | — | 0.01 | Feb 13, 2022 | Heap-based Buffer Overflow in Homebrew mruby prior to 3.2. | |||
| CVE-2022-0525 | 0.00 | — | 0.01 | Feb 9, 2022 | Out-of-bounds Read in Homebrew mruby prior to 3.2. | |||
| CVE-2022-0481 | 0.00 | — | 0.01 | Feb 4, 2022 | NULL Pointer Dereference in Homebrew mruby prior to 3.2. | |||
| CVE-2022-0326 | 0.00 | — | 0.01 | Jan 21, 2022 | NULL Pointer Dereference in Homebrew mruby prior to 3.2. | |||
| CVE-2022-0240 | 0.00 | — | 0.01 | Jan 17, 2022 | mruby is vulnerable to NULL Pointer Dereference | |||
| CVE-2021-46020 | 0.00 | — | 0.01 | Jan 14, 2022 | An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can lead to a segmentation fault or application crash. | |||
| CVE-2022-0080 | 0.00 | — | 0.01 | Jan 2, 2022 | mruby is vulnerable to Heap-based Buffer Overflow | |||
| CVE-2021-4188 | 0.00 | — | 0.01 | Dec 30, 2021 | mruby is vulnerable to NULL Pointer Dereference | |||
| CVE-2021-4110 | 0.00 | — | 0.02 | Dec 15, 2021 | mruby is vulnerable to NULL Pointer Dereference | |||
| CVE-2020-36401 | 0.00 | — | 0.01 | Jul 1, 2021 | mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free). | |||
| CVE-2020-15866 | 0.00 | — | 0.02 | Jul 21, 2020 | mruby through 2.1.2-rc has a heap-based buffer overflow in the mrb_yield_with_class function in vm.c because of incorrect VM stack handling. It can be triggered via the stack_copy function. | |||
| CVE-2020-6838 | 0.00 | — | 0.01 | Jan 11, 2020 | In mruby 2.1.0, there is a use-after-free in hash_values_at in mrbgems/mruby-hash-ext/src/hash-ext.c. | |||
| CVE-2020-6839 | 0.00 | — | 0.01 | Jan 11, 2020 | In mruby 2.1.0, there is a stack-based buffer overflow in mrb_str_len_to_dbl in string.c. | |||
| CVE-2020-6840 | 0.00 | — | 0.02 | Jan 11, 2020 | In mruby 2.1.0, there is a use-after-free in hash_slice in mrbgems/mruby-hash-ext/src/hash-ext.c. | |||
| CVE-2018-12249 | Hig | 0.00 | 7.5 | 0.02 | Jun 12, 2018 | An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class_real because "class BasicObject" is not properly supported in class.c. | ||
| CVE-2018-12248 | Hig | 0.00 | 7.5 | 0.02 | Jun 12, 2018 | An issue was discovered in mruby 1.4.1. There is a heap-based buffer over-read associated with OP_ENTER because mrbgems/mruby-fiber/src/fiber.c does not extend the stack in cases of many arguments to fiber. | ||
| CVE-2018-12247 | Hig | 0.00 | 7.5 | 0.02 | Jun 12, 2018 | An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class, related to certain .clone usage, because mrb_obj_clone in kernel.c copies flags other than the MRB_FLAG_IS_FROZEN flag (e.g., the embedded flag). |
- CVE-2022-0631Feb 18, 2022risk 0.00cvss —epss 0.01
Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.
- CVE-2022-0623Feb 17, 2022risk 0.00cvss —epss 0.02
Out-of-bounds Read in Homebrew mruby prior to 3.2.
- CVE-2022-0614Feb 16, 2022risk 0.00cvss —epss 0.01
Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2.
- CVE-2022-0570Feb 13, 2022risk 0.00cvss —epss 0.01
Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.
- CVE-2022-0525Feb 9, 2022risk 0.00cvss —epss 0.01
Out-of-bounds Read in Homebrew mruby prior to 3.2.
- CVE-2022-0481Feb 4, 2022risk 0.00cvss —epss 0.01
NULL Pointer Dereference in Homebrew mruby prior to 3.2.
- CVE-2022-0326Jan 21, 2022risk 0.00cvss —epss 0.01
NULL Pointer Dereference in Homebrew mruby prior to 3.2.
- CVE-2022-0240Jan 17, 2022risk 0.00cvss —epss 0.01
mruby is vulnerable to NULL Pointer Dereference
- CVE-2021-46020Jan 14, 2022risk 0.00cvss —epss 0.01
An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can lead to a segmentation fault or application crash.
- CVE-2022-0080Jan 2, 2022risk 0.00cvss —epss 0.01
mruby is vulnerable to Heap-based Buffer Overflow
- CVE-2021-4188Dec 30, 2021risk 0.00cvss —epss 0.01
mruby is vulnerable to NULL Pointer Dereference
- CVE-2021-4110Dec 15, 2021risk 0.00cvss —epss 0.02
mruby is vulnerable to NULL Pointer Dereference
- CVE-2020-36401Jul 1, 2021risk 0.00cvss —epss 0.01
mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free).
- CVE-2020-15866Jul 21, 2020risk 0.00cvss —epss 0.02
mruby through 2.1.2-rc has a heap-based buffer overflow in the mrb_yield_with_class function in vm.c because of incorrect VM stack handling. It can be triggered via the stack_copy function.
- CVE-2020-6838Jan 11, 2020risk 0.00cvss —epss 0.01
In mruby 2.1.0, there is a use-after-free in hash_values_at in mrbgems/mruby-hash-ext/src/hash-ext.c.
- CVE-2020-6839Jan 11, 2020risk 0.00cvss —epss 0.01
In mruby 2.1.0, there is a stack-based buffer overflow in mrb_str_len_to_dbl in string.c.
- CVE-2020-6840Jan 11, 2020risk 0.00cvss —epss 0.02
In mruby 2.1.0, there is a use-after-free in hash_slice in mrbgems/mruby-hash-ext/src/hash-ext.c.
- risk 0.00cvss 7.5epss 0.02
An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class_real because "class BasicObject" is not properly supported in class.c.
- risk 0.00cvss 7.5epss 0.02
An issue was discovered in mruby 1.4.1. There is a heap-based buffer over-read associated with OP_ENTER because mrbgems/mruby-fiber/src/fiber.c does not extend the stack in cases of many arguments to fiber.
- risk 0.00cvss 7.5epss 0.02
An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class, related to certain .clone usage, because mrb_obj_clone in kernel.c copies flags other than the MRB_FLAG_IS_FROZEN flag (e.g., the embedded flag).
Page 2 of 3