Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Mruby Subscribe
Total 38 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-0631 1 Mruby 1 Mruby 2022-02-25 7.5 HIGH 9.8 CRITICAL
Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.
CVE-2022-0623 1 Mruby 1 Mruby 2022-02-24 6.4 MEDIUM 9.1 CRITICAL
Out-of-bounds Read in Homebrew mruby prior to 3.2.
CVE-2022-0570 1 Mruby 1 Mruby 2022-02-22 7.5 HIGH 9.8 CRITICAL
Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.
CVE-2022-0525 1 Mruby 1 Mruby 2022-02-11 6.4 MEDIUM 9.1 CRITICAL
Out-of-bounds Read in Homebrew mruby prior to 3.2.
CVE-2022-0481 1 Mruby 1 Mruby 2022-02-09 7.8 HIGH 7.5 HIGH
NULL Pointer Dereference in Homebrew mruby prior to 3.2.
CVE-2022-0326 1 Mruby 1 Mruby 2022-01-27 4.3 MEDIUM 5.5 MEDIUM
NULL Pointer Dereference in Homebrew mruby prior to 3.2.
CVE-2022-0240 1 Mruby 1 Mruby 2022-01-24 5.0 MEDIUM 7.5 HIGH
mruby is vulnerable to NULL Pointer Dereference
CVE-2021-46020 1 Mruby 1 Mruby 2022-01-20 5.0 MEDIUM 7.5 HIGH
An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can lead to a segmentation fault or application crash.
CVE-2022-0080 1 Mruby 1 Mruby 2022-01-11 7.5 HIGH 9.8 CRITICAL
mruby is vulnerable to Heap-based Buffer Overflow
CVE-2021-4188 1 Mruby 1 Mruby 2022-01-06 5.0 MEDIUM 7.5 HIGH
mruby is vulnerable to NULL Pointer Dereference
CVE-2021-4110 1 Mruby 1 Mruby 2021-12-15 5.0 MEDIUM 7.5 HIGH
mruby is vulnerable to NULL Pointer Dereference
CVE-2020-36401 2 Linux, Mruby 2 Linux Kernel, Mruby 2021-07-06 6.8 MEDIUM 7.8 HIGH
mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free).
CVE-2020-6838 1 Mruby 1 Mruby 2020-01-13 7.5 HIGH 9.8 CRITICAL
In mruby 2.1.0, there is a use-after-free in hash_values_at in mrbgems/mruby-hash-ext/src/hash-ext.c.
CVE-2020-6839 1 Mruby 1 Mruby 2020-01-13 7.5 HIGH 9.8 CRITICAL
In mruby 2.1.0, there is a stack-based buffer overflow in mrb_str_len_to_dbl in string.c.
CVE-2020-6840 1 Mruby 1 Mruby 2020-01-13 7.5 HIGH 9.8 CRITICAL
In mruby 2.1.0, there is a use-after-free in hash_slice in mrbgems/mruby-hash-ext/src/hash-ext.c.
CVE-2018-12248 1 Mruby 1 Mruby 2019-10-02 5.0 MEDIUM 7.5 HIGH
An issue was discovered in mruby 1.4.1. There is a heap-based buffer over-read associated with OP_ENTER because mrbgems/mruby-fiber/src/fiber.c does not extend the stack in cases of many arguments to fiber.
CVE-2018-12247 1 Mruby 1 Mruby 2018-08-01 5.0 MEDIUM 7.5 HIGH
An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class, related to certain .clone usage, because mrb_obj_clone in kernel.c copies flags other than the MRB_FLAG_IS_FROZEN flag (e.g., the embedded flag).
CVE-2018-10199 1 Mruby 1 Mruby 2018-05-22 7.5 HIGH 9.8 CRITICAL
In versions of mruby up to and including 1.4.0, a use-after-free vulnerability exists in src/io.c::File#initilialize_copy(). An attacker that can cause Ruby code to be run can possibly use this to execute arbitrary code.