Signed integer overflow in mrb_str_format

The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrbstrresize function in string.c does not check for a negative length...

mruby Denial of Service Vulnerability (CNVD-2018-12149)

mruby is a lightweight implementation of the Ruby language. A security vulnerability exists in mruby version 1.4.1 in mrbclass. An attacker can exploit this vulnerability to cause a denial of service crash...

mruby buffer overflow vulnerability

mruby is a lightweight implementation of the Ruby language. A heap buffer overflow vulnerability exists in mruby version 1.4.1, which stems from the failure of the mrbgems/mruby-fiber/src/fiber.c file to have room to extend the stack when a large number of parameters are passed to fiber. An...

mruby Denial of Service Vulnerability (CNVD-2018-12148)

mruby is a lightweight implementation of the Ruby language. A security vulnerability exists in the 'mrbclassreal' function in mruby version 1.4.1, which stems from the program failing to properly support 'BasicObject'. An attacker can exploit this vulnerability to cause a denial of service crash...

CVE-2018-12247

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrbclass, related to certain .clone usage, because mrbobjclone in kernel.c copies flags other than the MRBFLAGISFROZEN flag e.g., the embedded flag...

UBUNTU-CVE-2018-12247

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrbclass, related to certain .clone usage, because mrbobjclone in kernel.c copies flags other than the MRBFLAGISFROZEN flag e.g., the embedded flag...

Null pointer dereference

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrbclass, related to certain .clone usage, because mrbobjclone in kernel.c copies flags other than the MRBFLAGISFROZEN flag e.g., the embedded flag...

Null pointer dereference

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrbclassreal because "class BasicObject" is not properly supported in class.c...

CVE-2018-12248

An issue was discovered in mruby 1.4.1. There is a heap-based buffer over-read associated with OPENTER because mrbgems/mruby-fiber/src/fiber.c does not extend the stack in cases of many arguments to fiber...

CVE-2018-12248

An issue was discovered in mruby 1.4.1. There is a heap-based buffer over-read associated with OPENTER because mrbgems/mruby-fiber/src/fiber.c does not extend the stack in cases of many arguments to fiber...

CVE-2018-12247

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrbclass, related to certain .clone usage, because mrbobjclone in kernel.c copies flags other than the MRBFLAGISFROZEN flag e.g., the embedded flag...

CVE-2018-12249

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrbclassreal because "class BasicObject" is not properly supported in class.c...

CVE-2018-12248

An issue was discovered in mruby 1.4.1. There is a heap-based buffer over-read associated with OPENTER because mrbgems/mruby-fiber/src/fiber.c does not extend the stack in cases of many arguments to fiber...

CVE-2018-12249

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrbclassreal because "class BasicObject" is not properly supported in class.c...

DEBIAN-CVE-2018-12248

An issue was discovered in mruby 1.4.1. There is a heap-based buffer over-read associated with OPENTER because mrbgems/mruby-fiber/src/fiber.c does not extend the stack in cases of many arguments to fiber...

UBUNTU-CVE-2018-12248

An issue was discovered in mruby 1.4.1. There is a heap-based buffer over-read associated with OPENTER because mrbgems/mruby-fiber/src/fiber.c does not extend the stack in cases of many arguments to fiber...

UBUNTU-CVE-2018-12249

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrbclassreal because "class BasicObject" is not properly supported in class.c...

Heap overflow

An issue was discovered in mruby 1.4.1. There is a heap-based buffer over-read associated with OPENTER because mrbgems/mruby-fiber/src/fiber.c does not extend the stack in cases of many arguments to fiber...

DEBIAN-CVE-2018-12249

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrbclassreal because "class BasicObject" is not properly supported in class.c...

CVE-2018-12247

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrbclass, related to certain .clone usage, because mrbobjclone in kernel.c copies flags other than the MRBFLAGISFROZEN flag e.g., the embedded flag...