Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Mruby Security Vulnerabilities

cve
cve

CVE-2021-46023

An Untrusted Pointer Dereference was discovered in function mrb_vm_exec in mruby before 3.1.0-rc. The vulnerability causes a segmentation fault and application...

7.5CVSS

7.3AI Score

0.001EPSS

2023-02-14 04:15 PM
143
cve
cve

CVE-2022-1201

NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the...

6.5CVSS

6.3AI Score

0.0004EPSS

2022-04-02 08:15 AM
80
cve
cve

CVE-2022-0614

Use of Out-of-range Pointer Offset in Homebrew mruby prior to...

5.5CVSS

5.4AI Score

0.001EPSS

2022-02-16 10:15 AM
64
cve
cve

CVE-2022-1427

Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being...

7.8CVSS

7.9AI Score

0.0005EPSS

2022-04-23 12:15 AM
71
cve
cve

CVE-2018-10199

In versions of mruby up to and including 1.4.0, a use-after-free vulnerability exists in src/io.c::File#initilialize_copy(). An attacker that can cause Ruby code to be run can possibly use this to execute arbitrary...

9.8CVSS

9.7AI Score

0.003EPSS

2022-10-03 04:22 PM
30
cve
cve

CVE-2018-12247

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class, related to certain .clone usage, because mrb_obj_clone in kernel.c copies flags other than the MRB_FLAG_IS_FROZEN flag (e.g., the embedded...

7.5CVSS

7.5AI Score

0.001EPSS

2022-10-03 04:22 PM
26
cve
cve

CVE-2018-12248

An issue was discovered in mruby 1.4.1. There is a heap-based buffer over-read associated with OP_ENTER because mrbgems/mruby-fiber/src/fiber.c does not extend the stack in cases of many arguments to...

7.5CVSS

7.6AI Score

0.001EPSS

2022-10-03 04:22 PM
37
cve
cve

CVE-2022-1934

Use After Free in GitHub repository mruby/mruby prior to...

7.8CVSS

7.6AI Score

0.0005EPSS

2022-05-31 03:15 AM
48
15
cve
cve

CVE-2022-1286

heap-buffer-overflow in mrb_vm_exec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being...

9.8CVSS

9.7AI Score

0.002EPSS

2022-04-10 11:15 AM
52
2
cve
cve

CVE-2022-1276

Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being...

9.8CVSS

9.7AI Score

0.002EPSS

2022-04-10 10:15 AM
118
cve
cve

CVE-2022-1212

Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being...

9.8CVSS

9.7AI Score

0.002EPSS

2022-04-05 04:15 AM
54
cve
cve

CVE-2022-1106

use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to...

9.1CVSS

9.3AI Score

0.002EPSS

2022-03-27 02:15 PM
76
cve
cve

CVE-2022-1071

User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to...

8.2CVSS

8.3AI Score

0.0005EPSS

2022-03-26 04:15 AM
82
cve
cve

CVE-2022-0890

NULL Pointer Dereference in GitHub repository mruby/mruby prior to...

5.5CVSS

5.3AI Score

0.001EPSS

2022-03-10 01:15 AM
94
cve
cve

CVE-2022-0717

Out-of-bounds Read in GitHub repository mruby/mruby prior to...

9.1CVSS

9.2AI Score

0.002EPSS

2022-02-23 02:15 AM
62
cve
cve

CVE-2022-0632

NULL Pointer Dereference in Homebrew mruby prior to...

5.5CVSS

5.3AI Score

0.001EPSS

2022-02-19 02:15 PM
97
cve
cve

CVE-2022-0630

Out-of-bounds Read in Homebrew mruby prior to...

7.1CVSS

6.7AI Score

0.001EPSS

2022-02-19 02:15 PM
61
cve
cve

CVE-2022-0631

Heap-based Buffer Overflow in Homebrew mruby prior to...

9.8CVSS

9.3AI Score

0.002EPSS

2022-02-18 02:15 PM
87
cve
cve

CVE-2022-0623

Out-of-bounds Read in Homebrew mruby prior to...

9.1CVSS

9AI Score

0.002EPSS

2022-02-17 07:15 AM
66
cve
cve

CVE-2022-0570

Heap-based Buffer Overflow in Homebrew mruby prior to...

9.8CVSS

9.3AI Score

0.002EPSS

2022-02-14 12:15 PM
60
cve
cve

CVE-2022-0525

Out-of-bounds Read in Homebrew mruby prior to...

9.1CVSS

9AI Score

0.002EPSS

2022-02-09 04:15 AM
61
cve
cve

CVE-2022-0481

NULL Pointer Dereference in Homebrew mruby prior to...

7.5CVSS

7.3AI Score

0.001EPSS

2022-02-04 11:15 PM
65
cve
cve

CVE-2022-0326

NULL Pointer Dereference in Homebrew mruby prior to...

5.5CVSS

5.3AI Score

0.001EPSS

2022-01-21 07:15 AM
49
cve
cve

CVE-2022-0240

mruby is vulnerable to NULL Pointer...

7.5CVSS

7.3AI Score

0.001EPSS

2022-01-17 02:15 PM
53
cve
cve

CVE-2021-46020

An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can lead to a segmentation fault or application...

7.5CVSS

7.3AI Score

0.001EPSS

2022-01-14 08:15 PM
29
cve
cve

CVE-2022-0080

mruby is vulnerable to Heap-based Buffer...

9.8CVSS

9.3AI Score

0.002EPSS

2022-01-02 12:15 PM
59
1
cve
cve

CVE-2021-4188

mruby is vulnerable to NULL Pointer...

7.5CVSS

7.3AI Score

0.001EPSS

2021-12-30 07:15 AM
48
cve
cve

CVE-2021-4110

mruby is vulnerable to NULL Pointer...

7.5CVSS

7.3AI Score

0.001EPSS

2021-12-15 05:15 AM
41
2
cve
cve

CVE-2020-36401

mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and...

7.8CVSS

7.6AI Score

0.002EPSS

2021-07-01 03:15 AM
46
2
cve
cve

CVE-2020-15866

mruby through 2.1.2-rc has a heap-based buffer overflow in the mrb_yield_with_class function in vm.c because of incorrect VM stack handling. It can be triggered via the stack_copy...

9.8CVSS

9.6AI Score

0.005EPSS

2020-07-21 03:15 PM
55
4
cve
cve

CVE-2020-6840

In mruby 2.1.0, there is a use-after-free in hash_slice in...

9.8CVSS

9.4AI Score

0.005EPSS

2020-01-11 03:15 AM
110
cve
cve

CVE-2020-6839

In mruby 2.1.0, there is a stack-based buffer overflow in mrb_str_len_to_dbl in...

9.8CVSS

9.7AI Score

0.005EPSS

2020-01-11 03:15 AM
111
cve
cve

CVE-2020-6838

In mruby 2.1.0, there is a use-after-free in hash_values_at in...

9.8CVSS

9.4AI Score

0.007EPSS

2020-01-11 03:15 AM
109
cve
cve

CVE-2018-14337

The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrb_str_resize function in string.c does not check for a negative...

7.5CVSS

7.5AI Score

0.003EPSS

2018-07-17 03:29 AM
28
4
cve
cve

CVE-2018-12249

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class_real because "class BasicObject" is not properly supported in...

7.5CVSS

7.8AI Score

0.002EPSS

2018-06-12 02:29 PM
40
4
cve
cve

CVE-2018-11743

The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS objects, which allows attackers to cause a denial of service (mrb_hash_keys uninitialized pointer and application crash) or possibly have unspecified other...

9.8CVSS

9.6AI Score

0.007EPSS

2018-06-05 01:29 PM
38
2
cve
cve

CVE-2018-10191

In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c::mrb_vm_exec() when handling OP_GETUPVAR in the presence of deep scope nesting, resulting in a use-after-free. An attacker that can cause Ruby code to be run can use this to possibly execute arbitrary...

9.8CVSS

9.7AI Score

0.005EPSS

2018-04-17 09:29 PM
35
2
cve
cve

CVE-2017-9527

The mark_context_stack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service (heap-based use-after-free and application crash) or possibly have unspecified other impact via a crafted .rb...

7.8CVSS

7.9AI Score

0.002EPSS

2017-06-11 05:29 PM
27
2