Filtered by vendor Mruby
Subscriptions
Filtered by product Mruby
Subscriptions
Total
40 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-12875 | 1 Mruby | 1 Mruby | 2025-11-12 | 5.3 Medium |
| A weakness has been identified in mruby 3.4.0. This vulnerability affects the function ary_fill_exec of the file mrbgems/mruby-array-ext/src/array.c. Executing manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been made available to the public and could be exploited. This patch is called 93619f06dd378db6766666b30c08978311c7ec94. It is best practice to apply a patch to resolve this issue. | ||||
| CVE-2025-7207 | 1 Mruby | 1 Mruby | 2025-10-01 | 3.3 Low |
| A vulnerability, which was classified as problematic, was found in mruby up to 3.4.0-rc2. Affected is the function scope_new of the file mrbgems/mruby-compiler/core/codegen.c of the component nregs Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is 1fdd96104180cc0fb5d3cb086b05ab6458911bb9. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2022-0080 | 1 Mruby | 1 Mruby | 2025-05-22 | 8.2 High |
| mruby is vulnerable to Heap-based Buffer Overflow | ||||
| CVE-2017-9527 | 2 Debian, Mruby | 2 Debian Linux, Mruby | 2025-04-20 | 7.8 High |
| The mark_context_stack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service (heap-based use-after-free and application crash) or possibly have unspecified other impact via a crafted .rb file. | ||||
| CVE-2021-46023 | 1 Mruby | 1 Mruby | 2025-03-20 | 7.5 High |
| An Untrusted Pointer Dereference was discovered in function mrb_vm_exec in mruby before 3.1.0-rc. The vulnerability causes a segmentation fault and application crash. | ||||
| CVE-2022-1934 | 1 Mruby | 1 Mruby | 2024-11-21 | 7.8 High |
| Use After Free in GitHub repository mruby/mruby prior to 3.2. | ||||
| CVE-2022-1427 | 1 Mruby | 1 Mruby | 2024-11-21 | 7.8 High |
| Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited. | ||||
| CVE-2022-1286 | 1 Mruby | 1 Mruby | 2024-11-21 | 9.8 Critical |
| heap-buffer-overflow in mrb_vm_exec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited. | ||||
| CVE-2022-1276 | 1 Mruby | 1 Mruby | 2024-11-21 | 9.8 Critical |
| Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited. | ||||
| CVE-2022-1212 | 1 Mruby | 1 Mruby | 2024-11-21 | 9.8 Critical |
| Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited. | ||||
| CVE-2022-1201 | 1 Mruby | 1 Mruby | 2024-11-21 | 6.5 Medium |
| NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system. | ||||
| CVE-2022-1106 | 1 Mruby | 1 Mruby | 2024-11-21 | 9.1 Critical |
| use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2. | ||||
| CVE-2022-1071 | 1 Mruby | 1 Mruby | 2024-11-21 | 8.2 High |
| User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2. | ||||
| CVE-2022-0890 | 1 Mruby | 1 Mruby | 2024-11-21 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2. | ||||
| CVE-2022-0717 | 1 Mruby | 1 Mruby | 2024-11-21 | 9.1 Critical |
| Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2. | ||||
| CVE-2022-0632 | 1 Mruby | 1 Mruby | 2024-11-21 | 5.5 Medium |
| NULL Pointer Dereference in Homebrew mruby prior to 3.2. | ||||
| CVE-2022-0631 | 1 Mruby | 1 Mruby | 2024-11-21 | 9.8 Critical |
| Heap-based Buffer Overflow in Homebrew mruby prior to 3.2. | ||||
| CVE-2022-0630 | 1 Mruby | 1 Mruby | 2024-11-21 | 7.1 High |
| Out-of-bounds Read in Homebrew mruby prior to 3.2. | ||||
| CVE-2022-0623 | 1 Mruby | 1 Mruby | 2024-11-21 | 9.1 Critical |
| Out-of-bounds Read in Homebrew mruby prior to 3.2. | ||||
| CVE-2022-0614 | 1 Mruby | 1 Mruby | 2024-11-21 | 5.5 Medium |
| Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2. | ||||