Vulnerabilites related to mruby - mruby/mruby
cve-2022-0525
Vulnerability from cvelistv5
Published
2022-02-09 03:45
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in Homebrew mruby prior to 3.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/e19e109f-acf0-4048-8ee8-1b10a870f1e9 | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/0849a2885f81cfd82134992c06df3ccd59052ac7 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:32:46.180Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/e19e109f-acf0-4048-8ee8-1b10a870f1e9", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/0849a2885f81cfd82134992c06df3ccd59052ac7", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Out-of-bounds Read in Homebrew mruby prior to 3.2.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-09T03:45:10", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/e19e109f-acf0-4048-8ee8-1b10a870f1e9", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/0849a2885f81cfd82134992c06df3ccd59052ac7", }, ], source: { advisory: "e19e109f-acf0-4048-8ee8-1b10a870f1e9", discovery: "EXTERNAL", }, title: "Out-of-bounds Read in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0525", STATE: "PUBLIC", TITLE: "Out-of-bounds Read in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Out-of-bounds Read in Homebrew mruby prior to 3.2.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125 Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/e19e109f-acf0-4048-8ee8-1b10a870f1e9", refsource: "CONFIRM", url: "https://huntr.dev/bounties/e19e109f-acf0-4048-8ee8-1b10a870f1e9", }, { name: "https://github.com/mruby/mruby/commit/0849a2885f81cfd82134992c06df3ccd59052ac7", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/0849a2885f81cfd82134992c06df3ccd59052ac7", }, ], }, source: { advisory: "e19e109f-acf0-4048-8ee8-1b10a870f1e9", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0525", datePublished: "2022-02-09T03:45:10", dateReserved: "2022-02-08T00:00:00", dateUpdated: "2024-08-02T23:32:46.180Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-1286
Vulnerability from cvelistv5
Published
2022-04-10 10:40
Modified
2024-08-02 23:55
Severity ?
EPSS score ?
Summary
heap-buffer-overflow in mrb_vm_exec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/f918376e-b488-4113-963d-ffe8716e4189 | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/b1d0296a937fe278239bdfac840a3fd0e93b3ee9 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:55:24.606Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/f918376e-b488-4113-963d-ffe8716e4189", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/b1d0296a937fe278239bdfac840a3fd0e93b3ee9", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "heap-buffer-overflow in mrb_vm_exec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "CWE-122 Heap-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-10T10:40:09", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/f918376e-b488-4113-963d-ffe8716e4189", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/b1d0296a937fe278239bdfac840a3fd0e93b3ee9", }, ], source: { advisory: "f918376e-b488-4113-963d-ffe8716e4189", discovery: "EXTERNAL", }, title: "heap-buffer-overflow in mrb_vm_exec in mruby/mruby in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-1286", STATE: "PUBLIC", TITLE: "heap-buffer-overflow in mrb_vm_exec in mruby/mruby in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "heap-buffer-overflow in mrb_vm_exec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-122 Heap-based Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/f918376e-b488-4113-963d-ffe8716e4189", refsource: "CONFIRM", url: "https://huntr.dev/bounties/f918376e-b488-4113-963d-ffe8716e4189", }, { name: "https://github.com/mruby/mruby/commit/b1d0296a937fe278239bdfac840a3fd0e93b3ee9", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/b1d0296a937fe278239bdfac840a3fd0e93b3ee9", }, ], }, source: { advisory: "f918376e-b488-4113-963d-ffe8716e4189", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-1286", datePublished: "2022-04-10T10:40:09", dateReserved: "2022-04-09T00:00:00", dateUpdated: "2024-08-02T23:55:24.606Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0717
Vulnerability from cvelistv5
Published
2022-02-23 02:05
Modified
2024-08-02 23:40
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9 | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:40:03.266Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-23T02:05:11", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76", }, ], source: { advisory: "27a851a5-7ebf-409b-854f-b2614771e8f9", discovery: "EXTERNAL", }, title: "Out-of-bounds Read in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0717", STATE: "PUBLIC", TITLE: "Out-of-bounds Read in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125 Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9", refsource: "CONFIRM", url: "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9", }, { name: "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76", }, ], }, source: { advisory: "27a851a5-7ebf-409b-854f-b2614771e8f9", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0717", datePublished: "2022-02-23T02:05:11", dateReserved: "2022-02-22T00:00:00", dateUpdated: "2024-08-02T23:40:03.266Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-1276
Vulnerability from cvelistv5
Published
2022-04-10 09:35
Modified
2024-08-02 23:55
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/6ea041d1-e2aa-472c-bf3e-da5fa8726c25 | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/c8c083cb750606b2da81582cd8e43b442bb143e6 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:55:24.623Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/6ea041d1-e2aa-472c-bf3e-da5fa8726c25", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/c8c083cb750606b2da81582cd8e43b442bb143e6", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-10T09:35:10", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/6ea041d1-e2aa-472c-bf3e-da5fa8726c25", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/c8c083cb750606b2da81582cd8e43b442bb143e6", }, ], source: { advisory: "6ea041d1-e2aa-472c-bf3e-da5fa8726c25", discovery: "EXTERNAL", }, title: "Out-of-bounds Read in mrb_get_args in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-1276", STATE: "PUBLIC", TITLE: "Out-of-bounds Read in mrb_get_args in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125 Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/6ea041d1-e2aa-472c-bf3e-da5fa8726c25", refsource: "CONFIRM", url: "https://huntr.dev/bounties/6ea041d1-e2aa-472c-bf3e-da5fa8726c25", }, { name: "https://github.com/mruby/mruby/commit/c8c083cb750606b2da81582cd8e43b442bb143e6", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/c8c083cb750606b2da81582cd8e43b442bb143e6", }, ], }, source: { advisory: "6ea041d1-e2aa-472c-bf3e-da5fa8726c25", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-1276", datePublished: "2022-04-10T09:35:10", dateReserved: "2022-04-08T00:00:00", dateUpdated: "2024-08-02T23:55:24.623Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0630
Vulnerability from cvelistv5
Published
2022-02-19 13:55
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in Homebrew mruby prior to 3.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad | x_refsource_MISC | |
| https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:32:46.461Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Out-of-bounds Read in Homebrew mruby prior to 3.2.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-19T13:55:09", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32", }, ], source: { advisory: "f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32", discovery: "EXTERNAL", }, title: "Out-of-bounds Read in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0630", STATE: "PUBLIC", TITLE: "Out-of-bounds Read in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Out-of-bounds Read in Homebrew mruby prior to 3.2.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125 Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad", }, { name: "https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32", refsource: "CONFIRM", url: "https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32", }, ], }, source: { advisory: "f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0630", datePublished: "2022-02-19T13:55:09", dateReserved: "2022-02-16T00:00:00", dateUpdated: "2024-08-02T23:32:46.461Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0631
Vulnerability from cvelistv5
Published
2022-02-18 13:55
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40 | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:32:46.546Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "CWE-122 Heap-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-18T13:55:10", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299", }, ], source: { advisory: "9bdc49ca-6697-4adc-a785-081e1961bf40", discovery: "EXTERNAL", }, title: "Heap-based Buffer Overflow in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0631", STATE: "PUBLIC", TITLE: "Heap-based Buffer Overflow in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-122 Heap-based Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40", refsource: "CONFIRM", url: "https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40", }, { name: "https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299", }, ], }, source: { advisory: "9bdc49ca-6697-4adc-a785-081e1961bf40", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0631", datePublished: "2022-02-18T13:55:10", dateReserved: "2022-02-16T00:00:00", dateUpdated: "2024-08-02T23:32:46.546Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-1106
Vulnerability from cvelistv5
Published
2022-03-27 14:05
Modified
2024-08-02 23:55
Severity ?
EPSS score ?
Summary
use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:55:23.753Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-27T14:05:10", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c", }, ], source: { advisory: "16b9d0ea-71ed-41bc-8a88-2deb4c20be8f", discovery: "EXTERNAL", }, title: "use after free in mrb_vm_exec in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-1106", STATE: "PUBLIC", TITLE: "use after free in mrb_vm_exec in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-416 Use After Free", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f", refsource: "CONFIRM", url: "https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f", }, { name: "https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c", }, ], }, source: { advisory: "16b9d0ea-71ed-41bc-8a88-2deb4c20be8f", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-1106", datePublished: "2022-03-27T14:05:10", dateReserved: "2022-03-26T00:00:00", dateUpdated: "2024-08-02T23:55:23.753Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-4188
Vulnerability from cvelistv5
Published
2021-12-30 06:55
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
mruby is vulnerable to NULL Pointer Dereference
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/78533fb9-f3e0-47c2-86dc-d1f96d5bea28 | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/27d1e0132a0804581dca28df042e7047fd27eaa8 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:16:04.248Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/78533fb9-f3e0-47c2-86dc-d1f96d5bea28", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/27d1e0132a0804581dca28df042e7047fd27eaa8", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.1", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "mruby is vulnerable to NULL Pointer Dereference", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-30T06:55:09", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/78533fb9-f3e0-47c2-86dc-d1f96d5bea28", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/27d1e0132a0804581dca28df042e7047fd27eaa8", }, ], source: { advisory: "78533fb9-f3e0-47c2-86dc-d1f96d5bea28", discovery: "EXTERNAL", }, title: "NULL Pointer Dereference in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2021-4188", STATE: "PUBLIC", TITLE: "NULL Pointer Dereference in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.1", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "mruby is vulnerable to NULL Pointer Dereference", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.8, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476 NULL Pointer Dereference", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/78533fb9-f3e0-47c2-86dc-d1f96d5bea28", refsource: "CONFIRM", url: "https://huntr.dev/bounties/78533fb9-f3e0-47c2-86dc-d1f96d5bea28", }, { name: "https://github.com/mruby/mruby/commit/27d1e0132a0804581dca28df042e7047fd27eaa8", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/27d1e0132a0804581dca28df042e7047fd27eaa8", }, ], }, source: { advisory: "78533fb9-f3e0-47c2-86dc-d1f96d5bea28", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2021-4188", datePublished: "2021-12-30T06:55:09", dateReserved: "2021-12-29T00:00:00", dateUpdated: "2024-08-03T17:16:04.248Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0481
Vulnerability from cvelistv5
Published
2022-02-04 22:33
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in Homebrew mruby prior to 3.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/54725c8c-87f4-41b6-878c-01d8e0ee7027 | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/ae3c99767a27f5c6c584162e2adc6a5d0eb2c54e | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:32:44.777Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/54725c8c-87f4-41b6-878c-01d8e0ee7027", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/ae3c99767a27f5c6c584162e2adc6a5d0eb2c54e", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "NULL Pointer Dereference in Homebrew mruby prior to 3.2.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-04T22:33:00", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/54725c8c-87f4-41b6-878c-01d8e0ee7027", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/ae3c99767a27f5c6c584162e2adc6a5d0eb2c54e", }, ], source: { advisory: "54725c8c-87f4-41b6-878c-01d8e0ee7027", discovery: "EXTERNAL", }, title: "NULL Pointer Dereference in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0481", STATE: "PUBLIC", TITLE: "NULL Pointer Dereference in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NULL Pointer Dereference in Homebrew mruby prior to 3.2.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476 NULL Pointer Dereference", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/54725c8c-87f4-41b6-878c-01d8e0ee7027", refsource: "CONFIRM", url: "https://huntr.dev/bounties/54725c8c-87f4-41b6-878c-01d8e0ee7027", }, { name: "https://github.com/mruby/mruby/commit/ae3c99767a27f5c6c584162e2adc6a5d0eb2c54e", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/ae3c99767a27f5c6c584162e2adc6a5d0eb2c54e", }, ], }, source: { advisory: "54725c8c-87f4-41b6-878c-01d8e0ee7027", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0481", datePublished: "2022-02-04T22:33:00", dateReserved: "2022-02-03T00:00:00", dateUpdated: "2024-08-02T23:32:44.777Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0240
Vulnerability from cvelistv5
Published
2022-01-17 13:35
Modified
2024-08-02 23:18
Severity ?
EPSS score ?
Summary
mruby is vulnerable to NULL Pointer Dereference
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/5857eced-aad9-417d-864e-0bdf17226cbb | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/31fa3304049fc406a201a72293cce140f0557dca | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:18:42.889Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/5857eced-aad9-417d-864e-0bdf17226cbb", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/31fa3304049fc406a201a72293cce140f0557dca", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "mruby is vulnerable to NULL Pointer Dereference", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-17T13:35:10", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/5857eced-aad9-417d-864e-0bdf17226cbb", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/31fa3304049fc406a201a72293cce140f0557dca", }, ], source: { advisory: "5857eced-aad9-417d-864e-0bdf17226cbb", discovery: "EXTERNAL", }, title: "NULL Pointer Dereference in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0240", STATE: "PUBLIC", TITLE: "NULL Pointer Dereference in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "mruby is vulnerable to NULL Pointer Dereference", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476 NULL Pointer Dereference", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/5857eced-aad9-417d-864e-0bdf17226cbb", refsource: "CONFIRM", url: "https://huntr.dev/bounties/5857eced-aad9-417d-864e-0bdf17226cbb", }, { name: "https://github.com/mruby/mruby/commit/31fa3304049fc406a201a72293cce140f0557dca", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/31fa3304049fc406a201a72293cce140f0557dca", }, ], }, source: { advisory: "5857eced-aad9-417d-864e-0bdf17226cbb", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0240", datePublished: "2022-01-17T13:35:10", dateReserved: "2022-01-16T00:00:00", dateUpdated: "2024-08-02T23:18:42.889Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0632
Vulnerability from cvelistv5
Published
2022-02-19 14:00
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in Homebrew mruby prior to 3.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:32:46.436Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "NULL Pointer Dereference in Homebrew mruby prior to 3.2.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-19T14:00:12", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d", }, ], source: { advisory: "3e5bb8f6-30fd-4553-86dd-761e9459ce1b", discovery: "EXTERNAL", }, title: "NULL Pointer Dereference in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0632", STATE: "PUBLIC", TITLE: "NULL Pointer Dereference in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NULL Pointer Dereference in Homebrew mruby prior to 3.2.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476 NULL Pointer Dereference", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b", refsource: "CONFIRM", url: "https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b", }, { name: "https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d", }, ], }, source: { advisory: "3e5bb8f6-30fd-4553-86dd-761e9459ce1b", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0632", datePublished: "2022-02-19T14:00:12", dateReserved: "2022-02-16T00:00:00", dateUpdated: "2024-08-02T23:32:46.436Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0326
Vulnerability from cvelistv5
Published
2022-01-21 06:45
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in Homebrew mruby prior to 3.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/795dcbd9-1695-44bb-8c59-ad327c97c976 | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/b611c43a5de061ec21b343967e1b64c45c373d7e | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:25:40.180Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/795dcbd9-1695-44bb-8c59-ad327c97c976", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/b611c43a5de061ec21b343967e1b64c45c373d7e", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "NULL Pointer Dereference in Homebrew mruby prior to 3.2.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-21T06:45:12", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/795dcbd9-1695-44bb-8c59-ad327c97c976", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/b611c43a5de061ec21b343967e1b64c45c373d7e", }, ], source: { advisory: "795dcbd9-1695-44bb-8c59-ad327c97c976", discovery: "EXTERNAL", }, title: "NULL Pointer Dereference in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0326", STATE: "PUBLIC", TITLE: "NULL Pointer Dereference in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NULL Pointer Dereference in Homebrew mruby prior to 3.2.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476 NULL Pointer Dereference", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/795dcbd9-1695-44bb-8c59-ad327c97c976", refsource: "CONFIRM", url: "https://huntr.dev/bounties/795dcbd9-1695-44bb-8c59-ad327c97c976", }, { name: "https://github.com/mruby/mruby/commit/b611c43a5de061ec21b343967e1b64c45c373d7e", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/b611c43a5de061ec21b343967e1b64c45c373d7e", }, ], }, source: { advisory: "795dcbd9-1695-44bb-8c59-ad327c97c976", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0326", datePublished: "2022-01-21T06:45:12", dateReserved: "2022-01-21T00:00:00", dateUpdated: "2024-08-02T23:25:40.180Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0570
Vulnerability from cvelistv5
Published
2022-02-13 04:50
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/65a7632e-f95b-4836-b1a7-9cb95e5124f1 | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/38b164ace7d6ae1c367883a3d67d7f559783faad | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:32:46.035Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/65a7632e-f95b-4836-b1a7-9cb95e5124f1", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/38b164ace7d6ae1c367883a3d67d7f559783faad", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "CWE-122 Heap-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-13T04:50:10", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/65a7632e-f95b-4836-b1a7-9cb95e5124f1", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/38b164ace7d6ae1c367883a3d67d7f559783faad", }, ], source: { advisory: "65a7632e-f95b-4836-b1a7-9cb95e5124f1", discovery: "EXTERNAL", }, title: "Heap-based Buffer Overflow in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0570", STATE: "PUBLIC", TITLE: "Heap-based Buffer Overflow in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-122 Heap-based Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/65a7632e-f95b-4836-b1a7-9cb95e5124f1", refsource: "CONFIRM", url: "https://huntr.dev/bounties/65a7632e-f95b-4836-b1a7-9cb95e5124f1", }, { name: "https://github.com/mruby/mruby/commit/38b164ace7d6ae1c367883a3d67d7f559783faad", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/38b164ace7d6ae1c367883a3d67d7f559783faad", }, ], }, source: { advisory: "65a7632e-f95b-4836-b1a7-9cb95e5124f1", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0570", datePublished: "2022-02-13T04:50:10", dateReserved: "2022-02-12T00:00:00", dateUpdated: "2024-08-02T23:32:46.035Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-1071
Vulnerability from cvelistv5
Published
2022-03-26 03:40
Modified
2024-08-02 23:47
Severity ?
EPSS score ?
Summary
User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3 | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:47:43.321Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-26T03:40:10", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f", }, ], source: { advisory: "6597ece9-07af-415b-809b-919ce0a17cf3", discovery: "EXTERNAL", }, title: "User after free in mrb_vm_exec in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-1071", STATE: "PUBLIC", TITLE: "User after free in mrb_vm_exec in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-416 Use After Free", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3", refsource: "CONFIRM", url: "https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3", }, { name: "https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f", }, ], }, source: { advisory: "6597ece9-07af-415b-809b-919ce0a17cf3", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-1071", datePublished: "2022-03-26T03:40:10", dateReserved: "2022-03-25T00:00:00", dateUpdated: "2024-08-02T23:47:43.321Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0614
Vulnerability from cvelistv5
Published
2022-02-16 09:40
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/a980ce4d-c359-4425-92c4-e844c0055879 | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:32:46.442Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/a980ce4d-c359-4425-92c4-e844c0055879", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-823", description: "CWE-823 Use of Out-of-range Pointer Offset", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-16T09:40:09", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/a980ce4d-c359-4425-92c4-e844c0055879", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad", }, ], source: { advisory: "a980ce4d-c359-4425-92c4-e844c0055879", discovery: "EXTERNAL", }, title: "Use of Out-of-range Pointer Offset in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0614", STATE: "PUBLIC", TITLE: "Use of Out-of-range Pointer Offset in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-823 Use of Out-of-range Pointer Offset", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/a980ce4d-c359-4425-92c4-e844c0055879", refsource: "CONFIRM", url: "https://huntr.dev/bounties/a980ce4d-c359-4425-92c4-e844c0055879", }, { name: "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad", }, ], }, source: { advisory: "a980ce4d-c359-4425-92c4-e844c0055879", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0614", datePublished: "2022-02-16T09:40:10", dateReserved: "2022-02-15T00:00:00", dateUpdated: "2024-08-02T23:32:46.442Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0890
Vulnerability from cvelistv5
Published
2022-03-10 01:10
Modified
2024-08-02 23:47
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276 | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:47:42.118Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-03-10T01:10:09", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa", }, ], source: { advisory: "68e09ec1-6cc7-48b8-981d-30f478c70276", discovery: "EXTERNAL", }, title: "NULL Pointer Dereference in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0890", STATE: "PUBLIC", TITLE: "NULL Pointer Dereference in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476 NULL Pointer Dereference", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276", refsource: "CONFIRM", url: "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276", }, { name: "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa", }, ], }, source: { advisory: "68e09ec1-6cc7-48b8-981d-30f478c70276", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0890", datePublished: "2022-03-10T01:10:09", dateReserved: "2022-03-09T00:00:00", dateUpdated: "2024-08-02T23:47:42.118Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0623
Vulnerability from cvelistv5
Published
2022-02-17 06:30
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in Homebrew mruby prior to 3.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad | x_refsource_MISC | |
| https://huntr.dev/bounties/5b908ac7-d8f1-4fcd-9355-85df565f7580 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:32:46.438Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/5b908ac7-d8f1-4fcd-9355-85df565f7580", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Out-of-bounds Read in Homebrew mruby prior to 3.2.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-17T06:30:10", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/5b908ac7-d8f1-4fcd-9355-85df565f7580", }, ], source: { advisory: "5b908ac7-d8f1-4fcd-9355-85df565f7580", discovery: "EXTERNAL", }, title: "Out-of-bounds Read in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0623", STATE: "PUBLIC", TITLE: "Out-of-bounds Read in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Out-of-bounds Read in Homebrew mruby prior to 3.2.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125 Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad", }, { name: "https://huntr.dev/bounties/5b908ac7-d8f1-4fcd-9355-85df565f7580", refsource: "CONFIRM", url: "https://huntr.dev/bounties/5b908ac7-d8f1-4fcd-9355-85df565f7580", }, ], }, source: { advisory: "5b908ac7-d8f1-4fcd-9355-85df565f7580", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0623", datePublished: "2022-02-17T06:30:10", dateReserved: "2022-02-16T00:00:00", dateUpdated: "2024-08-02T23:32:46.438Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0080
Vulnerability from cvelistv5
Published
2022-01-02 11:30
Modified
2024-08-02 23:18
Severity ?
EPSS score ?
Summary
mruby is vulnerable to Heap-based Buffer Overflow
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/59a70392-4864-4ce3-8e35-6ac2111d1e2e | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/28ccc664e5dcd3f9d55173e9afde77c4705a9ab6 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:18:41.526Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/59a70392-4864-4ce3-8e35-6ac2111d1e2e", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/28ccc664e5dcd3f9d55173e9afde77c4705a9ab6", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.1", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "mruby is vulnerable to Heap-based Buffer Overflow", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-122", description: "CWE-122 Heap-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-02T11:30:09", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/59a70392-4864-4ce3-8e35-6ac2111d1e2e", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/28ccc664e5dcd3f9d55173e9afde77c4705a9ab6", }, ], source: { advisory: "59a70392-4864-4ce3-8e35-6ac2111d1e2e", discovery: "EXTERNAL", }, title: "Heap-based Buffer Overflow in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-0080", STATE: "PUBLIC", TITLE: "Heap-based Buffer Overflow in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.1", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "mruby is vulnerable to Heap-based Buffer Overflow", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-122 Heap-based Buffer Overflow", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/59a70392-4864-4ce3-8e35-6ac2111d1e2e", refsource: "CONFIRM", url: "https://huntr.dev/bounties/59a70392-4864-4ce3-8e35-6ac2111d1e2e", }, { name: "https://github.com/mruby/mruby/commit/28ccc664e5dcd3f9d55173e9afde77c4705a9ab6", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/28ccc664e5dcd3f9d55173e9afde77c4705a9ab6", }, ], }, source: { advisory: "59a70392-4864-4ce3-8e35-6ac2111d1e2e", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-0080", datePublished: "2022-01-02T11:30:09", dateReserved: "2022-01-01T00:00:00", dateUpdated: "2024-08-02T23:18:41.526Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-1201
Vulnerability from cvelistv5
Published
2022-04-02 07:45
Modified
2024-08-02 23:55
Severity ?
EPSS score ?
Summary
NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/6f930add-c9d8-4870-ae56-d4bd8354703b | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/00acae117da1b45b318dc36531a7b0021b8097ae | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:55:24.340Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/6f930add-c9d8-4870-ae56-d4bd8354703b", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/00acae117da1b45b318dc36531a7b0021b8097ae", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-02T07:45:34", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/6f930add-c9d8-4870-ae56-d4bd8354703b", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/00acae117da1b45b318dc36531a7b0021b8097ae", }, ], source: { advisory: "6f930add-c9d8-4870-ae56-d4bd8354703b", discovery: "EXTERNAL", }, title: "NULL Pointer Dereference in mrb_vm_exec with super in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-1201", STATE: "PUBLIC", TITLE: "NULL Pointer Dereference in mrb_vm_exec with super in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.1, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476 NULL Pointer Dereference", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/6f930add-c9d8-4870-ae56-d4bd8354703b", refsource: "CONFIRM", url: "https://huntr.dev/bounties/6f930add-c9d8-4870-ae56-d4bd8354703b", }, { name: "https://github.com/mruby/mruby/commit/00acae117da1b45b318dc36531a7b0021b8097ae", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/00acae117da1b45b318dc36531a7b0021b8097ae", }, ], }, source: { advisory: "6f930add-c9d8-4870-ae56-d4bd8354703b", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-1201", datePublished: "2022-04-02T07:45:34", dateReserved: "2022-04-01T00:00:00", dateUpdated: "2024-08-02T23:55:24.340Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-1934
Vulnerability from cvelistv5
Published
2022-05-31 02:20
Modified
2024-08-03 00:24
Severity ?
EPSS score ?
Summary
Use After Free in GitHub repository mruby/mruby prior to 3.2.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/99e6df06-b9f7-4c53-a722-6bb89fbfb51f | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/aa7f98dedb68d735a1665d3a289036c88b0c47ce | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:24:42.561Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/99e6df06-b9f7-4c53-a722-6bb89fbfb51f", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/aa7f98dedb68d735a1665d3a289036c88b0c47ce", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Use After Free in GitHub repository mruby/mruby prior to 3.2.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-05-31T02:20:12", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/99e6df06-b9f7-4c53-a722-6bb89fbfb51f", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/aa7f98dedb68d735a1665d3a289036c88b0c47ce", }, ], source: { advisory: "99e6df06-b9f7-4c53-a722-6bb89fbfb51f", discovery: "EXTERNAL", }, title: "Use After Free in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-1934", STATE: "PUBLIC", TITLE: "Use After Free in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use After Free in GitHub repository mruby/mruby prior to 3.2.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.1, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-416 Use After Free", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/99e6df06-b9f7-4c53-a722-6bb89fbfb51f", refsource: "CONFIRM", url: "https://huntr.dev/bounties/99e6df06-b9f7-4c53-a722-6bb89fbfb51f", }, { name: "https://github.com/mruby/mruby/commit/aa7f98dedb68d735a1665d3a289036c88b0c47ce", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/aa7f98dedb68d735a1665d3a289036c88b0c47ce", }, ], }, source: { advisory: "99e6df06-b9f7-4c53-a722-6bb89fbfb51f", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-1934", datePublished: "2022-05-31T02:20:12", dateReserved: "2022-05-30T00:00:00", dateUpdated: "2024-08-03T00:24:42.561Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-4110
Vulnerability from cvelistv5
Published
2021-12-15 04:40
Modified
2024-08-03 17:16
Severity ?
EPSS score ?
Summary
mruby is vulnerable to NULL Pointer Dereference
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/4ce5dc47-2512-4c87-8609-453adc8cad20 | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/f5e10c5a79a17939af763b1dcf5232ce47e24a34 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T17:16:04.173Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/4ce5dc47-2512-4c87-8609-453adc8cad20", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/f5e10c5a79a17939af763b1dcf5232ce47e24a34", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.1", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "mruby is vulnerable to NULL Pointer Dereference", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-476", description: "CWE-476 NULL Pointer Dereference", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-12-15T04:40:10", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/4ce5dc47-2512-4c87-8609-453adc8cad20", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/f5e10c5a79a17939af763b1dcf5232ce47e24a34", }, ], source: { advisory: "4ce5dc47-2512-4c87-8609-453adc8cad20", discovery: "EXTERNAL", }, title: "NULL Pointer Dereference in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2021-4110", STATE: "PUBLIC", TITLE: "NULL Pointer Dereference in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.1", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "mruby is vulnerable to NULL Pointer Dereference", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-476 NULL Pointer Dereference", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/4ce5dc47-2512-4c87-8609-453adc8cad20", refsource: "CONFIRM", url: "https://huntr.dev/bounties/4ce5dc47-2512-4c87-8609-453adc8cad20", }, { name: "https://github.com/mruby/mruby/commit/f5e10c5a79a17939af763b1dcf5232ce47e24a34", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/f5e10c5a79a17939af763b1dcf5232ce47e24a34", }, ], }, source: { advisory: "4ce5dc47-2512-4c87-8609-453adc8cad20", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2021-4110", datePublished: "2021-12-15T04:40:10", dateReserved: "2021-12-14T00:00:00", dateUpdated: "2024-08-03T17:16:04.173Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-1212
Vulnerability from cvelistv5
Published
2022-04-05 03:45
Modified
2024-08-02 23:55
Severity ?
EPSS score ?
Summary
Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/9fcc06d0-08e4-49c8-afda-2cae40946abe | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/3cf291f72224715942beaf8553e42ba8891ab3c6 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:55:24.452Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/9fcc06d0-08e4-49c8-afda-2cae40946abe", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/3cf291f72224715942beaf8553e42ba8891ab3c6", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.3, baseSeverity: "CRITICAL", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 Use After Free", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-05T03:45:19", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/9fcc06d0-08e4-49c8-afda-2cae40946abe", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/3cf291f72224715942beaf8553e42ba8891ab3c6", }, ], source: { advisory: "9fcc06d0-08e4-49c8-afda-2cae40946abe", discovery: "EXTERNAL", }, title: "Use-After-Free in str_escape in mruby/mruby in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-1212", STATE: "PUBLIC", TITLE: "Use-After-Free in str_escape in mruby/mruby in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.3, baseSeverity: "CRITICAL", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-416 Use After Free", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/9fcc06d0-08e4-49c8-afda-2cae40946abe", refsource: "CONFIRM", url: "https://huntr.dev/bounties/9fcc06d0-08e4-49c8-afda-2cae40946abe", }, { name: "https://github.com/mruby/mruby/commit/3cf291f72224715942beaf8553e42ba8891ab3c6", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/3cf291f72224715942beaf8553e42ba8891ab3c6", }, ], }, source: { advisory: "9fcc06d0-08e4-49c8-afda-2cae40946abe", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-1212", datePublished: "2022-04-05T03:45:19", dateReserved: "2022-04-04T00:00:00", dateUpdated: "2024-08-02T23:55:24.452Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-1427
Vulnerability from cvelistv5
Published
2022-04-22 23:35
Modified
2024-08-03 00:03
Severity ?
EPSS score ?
Summary
Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited.
References
| ▼ | URL | Tags |
|---|---|---|
| https://huntr.dev/bounties/23b6f0a9-64f5-421e-a55f-b5b7a671f301 | x_refsource_CONFIRM | |
| https://github.com/mruby/mruby/commit/a4d97934d51cb88954cc49161dc1d151f64afb6b | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Version: unspecified < 3.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T00:03:06.197Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://huntr.dev/bounties/23b6f0a9-64f5-421e-a55f-b5b7a671f301", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/mruby/mruby/commit/a4d97934d51cb88954cc49161dc1d151f64afb6b", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "mruby/mruby", vendor: "mruby", versions: [ { lessThan: "3.2", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-04-22T23:35:09", orgId: "c09c270a-b464-47c1-9133-acb35b22c19a", shortName: "@huntrdev", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://huntr.dev/bounties/23b6f0a9-64f5-421e-a55f-b5b7a671f301", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/mruby/mruby/commit/a4d97934d51cb88954cc49161dc1d151f64afb6b", }, ], source: { advisory: "23b6f0a9-64f5-421e-a55f-b5b7a671f301", discovery: "EXTERNAL", }, title: "Out-of-bounds Read in mrb_obj_is_kind_of in in mruby/mruby", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@huntr.dev", ID: "CVE-2022-1427", STATE: "PUBLIC", TITLE: "Out-of-bounds Read in mrb_obj_is_kind_of in in mruby/mruby", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "mruby/mruby", version: { version_data: [ { version_affected: "<", version_value: "3.2", }, ], }, }, ], }, vendor_name: "mruby", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125 Out-of-bounds Read", }, ], }, ], }, references: { reference_data: [ { name: "https://huntr.dev/bounties/23b6f0a9-64f5-421e-a55f-b5b7a671f301", refsource: "CONFIRM", url: "https://huntr.dev/bounties/23b6f0a9-64f5-421e-a55f-b5b7a671f301", }, { name: "https://github.com/mruby/mruby/commit/a4d97934d51cb88954cc49161dc1d151f64afb6b", refsource: "MISC", url: "https://github.com/mruby/mruby/commit/a4d97934d51cb88954cc49161dc1d151f64afb6b", }, ], }, source: { advisory: "23b6f0a9-64f5-421e-a55f-b5b7a671f301", discovery: "EXTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "c09c270a-b464-47c1-9133-acb35b22c19a", assignerShortName: "@huntrdev", cveId: "CVE-2022-1427", datePublished: "2022-04-22T23:35:09", dateReserved: "2022-04-21T00:00:00", dateUpdated: "2024-08-03T00:03:06.197Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }