CVE-2026-1979

A flaw has been found in mruby up to 3.4.0. This affects the function mrbvmexec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This...

CVE-2026-1979

A flaw has been found in mruby up to 3.4.0. This affects the function mrbvmexec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This...

CVE-2026-1979

A flaw has been found in mruby up to 3.4.0. This affects the function mrbvmexec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This...

mruby 资源管理错误漏洞

MRuby is a lightweight implementation of the Ruby language, developed by Makesoftwaresafe as open source. Versions of MRuby 3.4.0 and earlier contain a resource management vulnerability. This vulnerability stems from a flaw in the mrbvmexec function in the src/vm.c file within the JMPNOT-to-JMPIF...

PT-2026-6673

Name of the Vulnerable Software and Affected Versions mruby versions up to 3.4.0 Description A flaw exists in mruby up to version 3.4.0 related to the JMPNOT-to-JMPIF Optimization component. The issue resides within the mrb vm exec function in the src/vm.c file and can lead to a use-after-free...

Linux Distros Unpatched Vulnerability : CVE-2022-1106

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - use after free in mrbvmexec in GitHub repository mruby/mruby prior to 3.2. CVE-2022-1106 Note that Nessus relies on the presence of the package as reported by t...

PT-2024-40627 · Git +1 · Mruby

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of Segv on an unknown address. The crash state involves several functions: udiv, mpz mdiv, and mrb bint div. No...

PT-2024-40564 · Git +1 · Mruby

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow read error. Technical details about the crash include the functions mrb memsearch, str convert range, and...

PT-2024-40558 · Git +1 · Mruby

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A heap-buffer-overflow READ 2 crash has been reported. The crash involves the following functions: mrb memsearch, mrb str split m, and mrb vm exec...

PT-2023-36025 · Git +1 · Mruby

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap buffer overflow read issue is reported, with a crash type indicated as Heap-buffer-overflow READ 1. The crash state involves functions such as rea...

PT-2023-35755 · Git +1 · Mruby

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free error, which occurs when the program attempts to access memory that has already been freed. The crash state...

PT-2022-36762 · Git +1 · Mruby

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by a negative-size-param, which occurs in the mrb str format function, followed by mrb f sprintf and mrb vm exec. ...

PT-2022-36760 · Git +1 · Mruby

Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: A crash occurred due to an unknown read issue. The crash state includes functions such as pack unpack, mrb pack unpack, and mrb vm exec. Recommendations: At the moment, there is no...

UBUNTU-CVE-2022-1286

heap-buffer-overflow in mrbvmexec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited...

PT-2022-13708 · Mruby +1 · Mruby +1

Name of the Vulnerable Software and Affected Versions: mruby versions prior to 3.2 Description: The issue is related to a NULL Pointer Dereference in mrb vm exec with super, which can cause the mruby interpreter to crash. This affects the availability of the system. Recommendations: For versions...

UBUNTU-CVE-2022-1106

use after free in mrbvmexec in GitHub repository mruby/mruby prior to 3.2...

mruby 资源管理错误漏洞

mruby is a lightweight implementation of the Ruby language. A security vulnerability exists in mruby 3.1 and earlier, which stems from post-release reuse in mrbvmexec. No details of the vulnerability are provided at this time...

Heap-based Buffer Overflow in mruby/mruby

Description Heap buffer overflow on mrb-vm-exec Proof of Concept // poc.rb 1.timesuntil% ;break Result ./mruby poc.rb ================================================================= ==1451==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000023d9 at pc 0x55b2fc3f1046 bp...

OSV-2020-2081 UNKNOWN READ in presym_sym2name

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26400 Crash type: UNKNOWN READ Crash state: presymsym2name sym2namelen mrbsymnamelen...

shopify-scripts: SIGSEGV in str_buf_cat

PoC ------------------- Attached as teststrbufcat.rb Debug - mirb ------------------- Program received signal SIGSEGV, Segmentation fault. memcpysse2unaligned at ../sysdeps/x8664/multiarch/memcpy-sse2-unaligned.S:36 36 ../sysdeps/x8664/multiarch/memcpy-sse2-unaligned.S: No such file or directory...