Lucene search
K

7 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/08 6:18 p.m.7 views

Security Bulletin: Cargo in IBM Open SDK for Rust on AIX uses a vulnerable version of libnghttp2-sys (CVE-2025-7207, CVE-2025-12875)

Summary The cargo package manager in IBM Open SDK for Rust on AIX 1.90.0.0 and 1.90.0.0 uses the libnghttp2-sys-0.1.11+1.64.0 crate, which wraps a vulnerable version 1.64 of the nghttp2 library. Vulnerability Details CVEID:CVE-2025-12875 DESCRIPTION: A weakness has been identified in mruby 3.4.0...

7.8CVSS5.3AI score0.00214EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/09 4:24 a.m.10 views

CVE-2025-7207

A flaw was found in mruby. The scopenew function in mrbgems/mruby-compiler/core/codegen.c contains a heap-based buffer manipulation, potentially leading to memory corruption. A local attacker can trigger this vulnerability through crafted input, resulting in a potential denial of service...

4.8CVSS3.8AI score0.00214EPSS
Exploits1References10
UbuntuCve
UbuntuCve
added 2025/07/09 1:15 a.m.4 views

CVE-2025-7207

A vulnerability, which was classified as problematic, was found in mruby up to 3.4.0-rc2. Affected is the function scopenew of the file mrbgems/mruby-compiler/core/codegen.c of the component nregs Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locall...

5.5CVSS5.6AI score0.00214EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2025/07/09 12:2 a.m.3 views

CVE-2025-7207 mruby nregs codegen.c scope_new heap-based overflow

A vulnerability, which was classified as problematic, was found in mruby up to 3.4.0-rc2. Affected is the function scopenew of the file mrbgems/mruby-compiler/core/codegen.c of the component nregs Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locall...

4.8CVSS4AI score0.00214EPSS
Exploits1References7
CVE
CVE
added 2025/07/09 12:2 a.m.31 views

CVE-2025-7207

Summary (CVE-2025-7207): A heap-based buffer overflow affects mruby up to 3.4.0-rc2, specifically the function scope_new in file mrbgems/mruby-compiler/core/codegen.c (component nregs Handler). The vulnerability can be triggered locally; an attack requires local access, and the exploit has been d...

5.5CVSS4.2AI score0.00214EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2025/07/09 12:2 a.m.32 views

CVE-2025-7207 mruby nregs codegen.c scope_new heap-based overflow

A vulnerability, which was classified as problematic, was found in mruby up to 3.4.0-rc2. Affected is the function scopenew of the file mrbgems/mruby-compiler/core/codegen.c of the component nregs Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locall...

4.8CVSS0.00214EPSS
Exploits1References7
Debian CVE
Debian CVE
added 2025/07/09 12:2 a.m.10 views

CVE-2025-7207

A vulnerability, which was classified as problematic, was found in mruby up to 3.4.0-rc2. Affected is the function scopenew of the file mrbgems/mruby-compiler/core/codegen.c of the component nregs Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locall...

5.5CVSS4.4AI score0.00214EPSS
Exploits1
Rows per page
Query Builder