in mruby/mruby

Description NULL Pointer Dereference on easet Proof of Concept // poc.rb ...1, From: +- 2 Result mruby/bin/mruby poc.rb AddressSanitizer:DEADLYSIGNAL ================================================================= ==28787==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000001 pc...

Heap-based Buffer Overflow in mruby/mruby

Description Heap buffer overflow in mruby Proof of Concept // poc.rb %= % .clear ensure begin unless ?n = % :regex or 11 Compile mruby with asan git clone https://github.com/mruby/mruby cd mruby LDFLAGS="-fsanitize=address" CFLAGS="-fsanitize=address -g" make ./bin/mruby poc.rb Result ./bin/mruby...

Denial Of Service (DoS)

mruby is vulnerable to denial of service. It is possible due to a double free in mrbdefaultallocf called from mrbfree and objfree...

mruby resource management error vulnerability

mruby is a lightweight implementation of the Ruby language. A security vulnerability exists in Mruby 2.1.2, which stems from the fact that Mruby has a double free in the default allocf of the MRB.No details of the vulnerability are provided at this time...

CVE-2020-36401

mruby 2.1.2 has a double free in mrbdefaultallocf called from mrbfree and objfree...

DEBIAN-CVE-2020-36401

mruby 2.1.2 has a double free in mrbdefaultallocf called from mrbfree and objfree...

CVE-2020-36401

mruby 2.1.2 has a double free in mrbdefaultallocf called from mrbfree and objfree...

CVE-2020-36401

mruby 2.1.2 has a double free in mrbdefaultallocf called from mrbfree and objfree...

UBUNTU-CVE-2020-36401

mruby 2.1.2 has a double free in mrbdefaultallocf called from mrbfree and objfree...

Double free

mruby 2.1.2 has a double free in mrbdefaultallocf called from mrbfree and objfree...

CVE-2020-36401

mruby 2.1.2 has a double free in mrbdefaultallocf called from mrbfree and objfree...

CVE-2020-36401

The affected component is mruby 2.1.2, which contains a vulnerability described as a double free in mrb_default_allocf (called from mrb_free and obj_free). This is the root cause stated across multiple sources. The CVE-2020-36401 entry documents the issue without giving vendor patches or fixed ve...

CVE-2020-36401

mruby 2.1.2 has a double free in mrbdefaultallocf called from mrbfree and objfree...

mruby 资源管理错误漏洞

mruby is a lightweight implementation of the Ruby language. A security vulnerability exists in Mruby 2.1.2, which stems from the fact that Mruby has a double free in the default allocf of the MRB.No details of the vulnerability are provided at this time...

[ASA-202107-10] mruby: arbitrary code execution

Arch Linux Security Advisory ASA-202107-10 ========================================== Severity: Medium Date : 2021-07-01 CVE-ID : CVE-2020-36401 Package : mruby Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-2116 Summary ======= The package mruby before...

double free vulnerabliity

mruby 2.1.2 has a double free in mrbdefaultallocf called from mrbfree and objfree...

Security update for nghttp2 (moderate)

openSUSE Security Update: Security update for nghttp2 Announcement ID: openSUSE-SU-2021:0341-1 Rating: moderate References: 1159003 1166481 Cross-References: CVE-2019-18802 CVSS scores: CVE-2019-18802 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2019-18802 SUSE: 7.5...

Buffer Overflow

mruby is vulnerable to buffer overflow. The vulnerability exist because of incorrect VM stack handling...

mruby buffer overflow vulnerability (CNVD-2020-42943)

mruby is a lightweight implementation of the Ruby language. A buffer overflow vulnerability exists in the 'mrbyieldwithclass' function in the vm.c file in mruby 2.1.2-rc and earlier. The vulnerability stems from a networked system or product performing operations in memory without properly...

CVE-2020-15866

mruby through 2.1.2-rc has a heap-based buffer overflow in the mrbyieldwithclass function in vm.c because of incorrect VM stack handling. It can be triggered via the stackcopy function...