Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
46 vulnerabilities found for mruby/mruby by mruby
CVE-2022-1934 (GCVE-0-2022-1934)
Vulnerability from cvelistv5 – Published: 2022-05-31 02:20 – Updated: 2024-08-03 00:24
VLAI?
Title
Use After Free in mruby/mruby
Summary
Use After Free in GitHub repository mruby/mruby prior to 3.2.
Severity ?
5.1 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:24:42.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/99e6df06-b9f7-4c53-a722-6bb89fbfb51f"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/aa7f98dedb68d735a1665d3a289036c88b0c47ce"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use After Free in GitHub repository mruby/mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-31T02:20:12.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/99e6df06-b9f7-4c53-a722-6bb89fbfb51f"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/aa7f98dedb68d735a1665d3a289036c88b0c47ce"
}
],
"source": {
"advisory": "99e6df06-b9f7-4c53-a722-6bb89fbfb51f",
"discovery": "EXTERNAL"
},
"title": "Use After Free in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1934",
"STATE": "PUBLIC",
"TITLE": "Use After Free in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use After Free in GitHub repository mruby/mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416 Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/99e6df06-b9f7-4c53-a722-6bb89fbfb51f",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/99e6df06-b9f7-4c53-a722-6bb89fbfb51f"
},
{
"name": "https://github.com/mruby/mruby/commit/aa7f98dedb68d735a1665d3a289036c88b0c47ce",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/aa7f98dedb68d735a1665d3a289036c88b0c47ce"
}
]
},
"source": {
"advisory": "99e6df06-b9f7-4c53-a722-6bb89fbfb51f",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1934",
"datePublished": "2022-05-31T02:20:12.000Z",
"dateReserved": "2022-05-30T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:24:42.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1427 (GCVE-0-2022-1427)
Vulnerability from cvelistv5 – Published: 2022-04-22 23:35 – Updated: 2024-08-03 00:03
VLAI?
Title
Out-of-bounds Read in mrb_obj_is_kind_of in in mruby/mruby
Summary
Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited.
Severity ?
7.7 (High)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:03:06.197Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/23b6f0a9-64f5-421e-a55f-b5b7a671f301"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/a4d97934d51cb88954cc49161dc1d151f64afb6b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-22T23:35:09.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/23b6f0a9-64f5-421e-a55f-b5b7a671f301"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/a4d97934d51cb88954cc49161dc1d151f64afb6b"
}
],
"source": {
"advisory": "23b6f0a9-64f5-421e-a55f-b5b7a671f301",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in mrb_obj_is_kind_of in in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1427",
"STATE": "PUBLIC",
"TITLE": "Out-of-bounds Read in mrb_obj_is_kind_of in in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125 Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/23b6f0a9-64f5-421e-a55f-b5b7a671f301",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/23b6f0a9-64f5-421e-a55f-b5b7a671f301"
},
{
"name": "https://github.com/mruby/mruby/commit/a4d97934d51cb88954cc49161dc1d151f64afb6b",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/a4d97934d51cb88954cc49161dc1d151f64afb6b"
}
]
},
"source": {
"advisory": "23b6f0a9-64f5-421e-a55f-b5b7a671f301",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1427",
"datePublished": "2022-04-22T23:35:09.000Z",
"dateReserved": "2022-04-21T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:03:06.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1286 (GCVE-0-2022-1286)
Vulnerability from cvelistv5 – Published: 2022-04-10 10:40 – Updated: 2024-08-02 23:55
VLAI?
Title
heap-buffer-overflow in mrb_vm_exec in mruby/mruby in mruby/mruby
Summary
heap-buffer-overflow in mrb_vm_exec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.
Severity ?
5.9 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:24.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/f918376e-b488-4113-963d-ffe8716e4189"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/b1d0296a937fe278239bdfac840a3fd0e93b3ee9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "heap-buffer-overflow in mrb_vm_exec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-10T10:40:09.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/f918376e-b488-4113-963d-ffe8716e4189"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/b1d0296a937fe278239bdfac840a3fd0e93b3ee9"
}
],
"source": {
"advisory": "f918376e-b488-4113-963d-ffe8716e4189",
"discovery": "EXTERNAL"
},
"title": "heap-buffer-overflow in mrb_vm_exec in mruby/mruby in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1286",
"STATE": "PUBLIC",
"TITLE": "heap-buffer-overflow in mrb_vm_exec in mruby/mruby in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "heap-buffer-overflow in mrb_vm_exec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122 Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/f918376e-b488-4113-963d-ffe8716e4189",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/f918376e-b488-4113-963d-ffe8716e4189"
},
{
"name": "https://github.com/mruby/mruby/commit/b1d0296a937fe278239bdfac840a3fd0e93b3ee9",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/b1d0296a937fe278239bdfac840a3fd0e93b3ee9"
}
]
},
"source": {
"advisory": "f918376e-b488-4113-963d-ffe8716e4189",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1286",
"datePublished": "2022-04-10T10:40:09.000Z",
"dateReserved": "2022-04-09T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:55:24.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1276 (GCVE-0-2022-1276)
Vulnerability from cvelistv5 – Published: 2022-04-10 09:35 – Updated: 2024-08-02 23:55
VLAI?
Title
Out-of-bounds Read in mrb_get_args in mruby/mruby
Summary
Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.
Severity ?
8.4 (High)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:24.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/6ea041d1-e2aa-472c-bf3e-da5fa8726c25"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/c8c083cb750606b2da81582cd8e43b442bb143e6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-10T09:35:10.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/6ea041d1-e2aa-472c-bf3e-da5fa8726c25"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/c8c083cb750606b2da81582cd8e43b442bb143e6"
}
],
"source": {
"advisory": "6ea041d1-e2aa-472c-bf3e-da5fa8726c25",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in mrb_get_args in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1276",
"STATE": "PUBLIC",
"TITLE": "Out-of-bounds Read in mrb_get_args in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125 Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/6ea041d1-e2aa-472c-bf3e-da5fa8726c25",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/6ea041d1-e2aa-472c-bf3e-da5fa8726c25"
},
{
"name": "https://github.com/mruby/mruby/commit/c8c083cb750606b2da81582cd8e43b442bb143e6",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/c8c083cb750606b2da81582cd8e43b442bb143e6"
}
]
},
"source": {
"advisory": "6ea041d1-e2aa-472c-bf3e-da5fa8726c25",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1276",
"datePublished": "2022-04-10T09:35:10.000Z",
"dateReserved": "2022-04-08T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:55:24.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1212 (GCVE-0-2022-1212)
Vulnerability from cvelistv5 – Published: 2022-04-05 03:45 – Updated: 2024-08-02 23:55
VLAI?
Title
Use-After-Free in str_escape in mruby/mruby in mruby/mruby
Summary
Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.
Severity ?
9.3 (Critical)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:24.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/9fcc06d0-08e4-49c8-afda-2cae40946abe"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/3cf291f72224715942beaf8553e42ba8891ab3c6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-05T03:45:19.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/9fcc06d0-08e4-49c8-afda-2cae40946abe"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/3cf291f72224715942beaf8553e42ba8891ab3c6"
}
],
"source": {
"advisory": "9fcc06d0-08e4-49c8-afda-2cae40946abe",
"discovery": "EXTERNAL"
},
"title": "Use-After-Free in str_escape in mruby/mruby in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1212",
"STATE": "PUBLIC",
"TITLE": "Use-After-Free in str_escape in mruby/mruby in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416 Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/9fcc06d0-08e4-49c8-afda-2cae40946abe",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/9fcc06d0-08e4-49c8-afda-2cae40946abe"
},
{
"name": "https://github.com/mruby/mruby/commit/3cf291f72224715942beaf8553e42ba8891ab3c6",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/3cf291f72224715942beaf8553e42ba8891ab3c6"
}
]
},
"source": {
"advisory": "9fcc06d0-08e4-49c8-afda-2cae40946abe",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1212",
"datePublished": "2022-04-05T03:45:19.000Z",
"dateReserved": "2022-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:55:24.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1201 (GCVE-0-2022-1201)
Vulnerability from cvelistv5 – Published: 2022-04-02 07:45 – Updated: 2024-08-02 23:55
VLAI?
Title
NULL Pointer Dereference in mrb_vm_exec with super in mruby/mruby
Summary
NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system.
Severity ?
7.1 (High)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:24.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/6f930add-c9d8-4870-ae56-d4bd8354703b"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/00acae117da1b45b318dc36531a7b0021b8097ae"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-02T07:45:34.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/6f930add-c9d8-4870-ae56-d4bd8354703b"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/00acae117da1b45b318dc36531a7b0021b8097ae"
}
],
"source": {
"advisory": "6f930add-c9d8-4870-ae56-d4bd8354703b",
"discovery": "EXTERNAL"
},
"title": "NULL Pointer Dereference in mrb_vm_exec with super in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1201",
"STATE": "PUBLIC",
"TITLE": "NULL Pointer Dereference in mrb_vm_exec with super in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476 NULL Pointer Dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/6f930add-c9d8-4870-ae56-d4bd8354703b",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/6f930add-c9d8-4870-ae56-d4bd8354703b"
},
{
"name": "https://github.com/mruby/mruby/commit/00acae117da1b45b318dc36531a7b0021b8097ae",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/00acae117da1b45b318dc36531a7b0021b8097ae"
}
]
},
"source": {
"advisory": "6f930add-c9d8-4870-ae56-d4bd8354703b",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1201",
"datePublished": "2022-04-02T07:45:34.000Z",
"dateReserved": "2022-04-01T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:55:24.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1106 (GCVE-0-2022-1106)
Vulnerability from cvelistv5 – Published: 2022-03-27 14:05 – Updated: 2024-08-02 23:55
VLAI?
Title
use after free in mrb_vm_exec in mruby/mruby
Summary
use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.
Severity ?
7.2 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:23.753Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-27T14:05:10.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c"
}
],
"source": {
"advisory": "16b9d0ea-71ed-41bc-8a88-2deb4c20be8f",
"discovery": "EXTERNAL"
},
"title": "use after free in mrb_vm_exec in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1106",
"STATE": "PUBLIC",
"TITLE": "use after free in mrb_vm_exec in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416 Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f"
},
{
"name": "https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c"
}
]
},
"source": {
"advisory": "16b9d0ea-71ed-41bc-8a88-2deb4c20be8f",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1106",
"datePublished": "2022-03-27T14:05:10.000Z",
"dateReserved": "2022-03-26T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:55:23.753Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1071 (GCVE-0-2022-1071)
Vulnerability from cvelistv5 – Published: 2022-03-26 03:40 – Updated: 2024-08-02 23:47
VLAI?
Title
User after free in mrb_vm_exec in mruby/mruby
Summary
User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.
Severity ?
7.7 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:43.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-26T03:40:10.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f"
}
],
"source": {
"advisory": "6597ece9-07af-415b-809b-919ce0a17cf3",
"discovery": "EXTERNAL"
},
"title": "User after free in mrb_vm_exec in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1071",
"STATE": "PUBLIC",
"TITLE": "User after free in mrb_vm_exec in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416 Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3"
},
{
"name": "https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f"
}
]
},
"source": {
"advisory": "6597ece9-07af-415b-809b-919ce0a17cf3",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1071",
"datePublished": "2022-03-26T03:40:10.000Z",
"dateReserved": "2022-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:47:43.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0890 (GCVE-0-2022-0890)
Vulnerability from cvelistv5 – Published: 2022-03-10 01:10 – Updated: 2024-08-02 23:47
VLAI?
Title
NULL Pointer Dereference in mruby/mruby
Summary
NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2.
Severity ?
5.5 (Medium)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:42.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-10T01:10:09.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa"
}
],
"source": {
"advisory": "68e09ec1-6cc7-48b8-981d-30f478c70276",
"discovery": "EXTERNAL"
},
"title": "NULL Pointer Dereference in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0890",
"STATE": "PUBLIC",
"TITLE": "NULL Pointer Dereference in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476 NULL Pointer Dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276"
},
{
"name": "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa"
}
]
},
"source": {
"advisory": "68e09ec1-6cc7-48b8-981d-30f478c70276",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0890",
"datePublished": "2022-03-10T01:10:09.000Z",
"dateReserved": "2022-03-09T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:47:42.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0717 (GCVE-0-2022-0717)
Vulnerability from cvelistv5 – Published: 2022-02-23 02:05 – Updated: 2024-08-02 23:40
VLAI?
Title
Out-of-bounds Read in mruby/mruby
Summary
Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2.
Severity ?
6.8 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:40:03.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-23T02:05:11.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76"
}
],
"source": {
"advisory": "27a851a5-7ebf-409b-854f-b2614771e8f9",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0717",
"STATE": "PUBLIC",
"TITLE": "Out-of-bounds Read in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125 Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9"
},
{
"name": "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76"
}
]
},
"source": {
"advisory": "27a851a5-7ebf-409b-854f-b2614771e8f9",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0717",
"datePublished": "2022-02-23T02:05:11.000Z",
"dateReserved": "2022-02-22T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:40:03.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0632 (GCVE-0-2022-0632)
Vulnerability from cvelistv5 – Published: 2022-02-19 14:00 – Updated: 2024-08-02 23:32
VLAI?
Title
NULL Pointer Dereference in mruby/mruby
Summary
NULL Pointer Dereference in Homebrew mruby prior to 3.2.
Severity ?
5.5 (Medium)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:32:46.436Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NULL Pointer Dereference in Homebrew mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-19T14:00:12.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d"
}
],
"source": {
"advisory": "3e5bb8f6-30fd-4553-86dd-761e9459ce1b",
"discovery": "EXTERNAL"
},
"title": "NULL Pointer Dereference in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0632",
"STATE": "PUBLIC",
"TITLE": "NULL Pointer Dereference in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NULL Pointer Dereference in Homebrew mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476 NULL Pointer Dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b"
},
{
"name": "https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d"
}
]
},
"source": {
"advisory": "3e5bb8f6-30fd-4553-86dd-761e9459ce1b",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0632",
"datePublished": "2022-02-19T14:00:12.000Z",
"dateReserved": "2022-02-16T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:32:46.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0630 (GCVE-0-2022-0630)
Vulnerability from cvelistv5 – Published: 2022-02-19 13:55 – Updated: 2024-08-02 23:32
VLAI?
Title
Out-of-bounds Read in mruby/mruby
Summary
Out-of-bounds Read in Homebrew mruby prior to 3.2.
Severity ?
7.1 (High)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:32:46.461Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in Homebrew mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-19T13:55:09.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32"
}
],
"source": {
"advisory": "f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0630",
"STATE": "PUBLIC",
"TITLE": "Out-of-bounds Read in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds Read in Homebrew mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125 Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
},
{
"name": "https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32"
}
]
},
"source": {
"advisory": "f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0630",
"datePublished": "2022-02-19T13:55:09.000Z",
"dateReserved": "2022-02-16T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:32:46.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0631 (GCVE-0-2022-0631)
Vulnerability from cvelistv5 – Published: 2022-02-18 13:55 – Updated: 2024-08-02 23:32
VLAI?
Title
Heap-based Buffer Overflow in mruby/mruby
Summary
Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.
Severity ?
5.9 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:32:46.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap-based Buffer Overflow in Homebrew mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-18T13:55:10.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299"
}
],
"source": {
"advisory": "9bdc49ca-6697-4adc-a785-081e1961bf40",
"discovery": "EXTERNAL"
},
"title": "Heap-based Buffer Overflow in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0631",
"STATE": "PUBLIC",
"TITLE": "Heap-based Buffer Overflow in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow in Homebrew mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122 Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40"
},
{
"name": "https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299"
}
]
},
"source": {
"advisory": "9bdc49ca-6697-4adc-a785-081e1961bf40",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0631",
"datePublished": "2022-02-18T13:55:10.000Z",
"dateReserved": "2022-02-16T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:32:46.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0623 (GCVE-0-2022-0623)
Vulnerability from cvelistv5 – Published: 2022-02-17 06:30 – Updated: 2024-08-02 23:32
VLAI?
Title
Out-of-bounds Read in mruby/mruby
Summary
Out-of-bounds Read in Homebrew mruby prior to 3.2.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:32:46.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/5b908ac7-d8f1-4fcd-9355-85df565f7580"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in Homebrew mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-17T06:30:10.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/5b908ac7-d8f1-4fcd-9355-85df565f7580"
}
],
"source": {
"advisory": "5b908ac7-d8f1-4fcd-9355-85df565f7580",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0623",
"STATE": "PUBLIC",
"TITLE": "Out-of-bounds Read in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds Read in Homebrew mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125 Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
},
{
"name": "https://huntr.dev/bounties/5b908ac7-d8f1-4fcd-9355-85df565f7580",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/5b908ac7-d8f1-4fcd-9355-85df565f7580"
}
]
},
"source": {
"advisory": "5b908ac7-d8f1-4fcd-9355-85df565f7580",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0623",
"datePublished": "2022-02-17T06:30:10.000Z",
"dateReserved": "2022-02-16T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:32:46.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0614 (GCVE-0-2022-0614)
Vulnerability from cvelistv5 – Published: 2022-02-16 09:40 – Updated: 2024-08-02 23:32
VLAI?
Title
Use of Out-of-range Pointer Offset in mruby/mruby
Summary
Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2.
Severity ?
8.4 (High)
CWE
- CWE-823 - Use of Out-of-range Pointer Offset
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:32:46.442Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/a980ce4d-c359-4425-92c4-e844c0055879"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-823",
"description": "CWE-823 Use of Out-of-range Pointer Offset",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T09:40:09.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/a980ce4d-c359-4425-92c4-e844c0055879"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
}
],
"source": {
"advisory": "a980ce4d-c359-4425-92c4-e844c0055879",
"discovery": "EXTERNAL"
},
"title": "Use of Out-of-range Pointer Offset in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0614",
"STATE": "PUBLIC",
"TITLE": "Use of Out-of-range Pointer Offset in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-823 Use of Out-of-range Pointer Offset"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/a980ce4d-c359-4425-92c4-e844c0055879",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/a980ce4d-c359-4425-92c4-e844c0055879"
},
{
"name": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
}
]
},
"source": {
"advisory": "a980ce4d-c359-4425-92c4-e844c0055879",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0614",
"datePublished": "2022-02-16T09:40:10.000Z",
"dateReserved": "2022-02-15T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:32:46.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1934 (GCVE-0-2022-1934)
Vulnerability from nvd – Published: 2022-05-31 02:20 – Updated: 2024-08-03 00:24
VLAI?
Title
Use After Free in mruby/mruby
Summary
Use After Free in GitHub repository mruby/mruby prior to 3.2.
Severity ?
5.1 (Medium)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:24:42.561Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/99e6df06-b9f7-4c53-a722-6bb89fbfb51f"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/aa7f98dedb68d735a1665d3a289036c88b0c47ce"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use After Free in GitHub repository mruby/mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-31T02:20:12.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/99e6df06-b9f7-4c53-a722-6bb89fbfb51f"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/aa7f98dedb68d735a1665d3a289036c88b0c47ce"
}
],
"source": {
"advisory": "99e6df06-b9f7-4c53-a722-6bb89fbfb51f",
"discovery": "EXTERNAL"
},
"title": "Use After Free in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1934",
"STATE": "PUBLIC",
"TITLE": "Use After Free in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use After Free in GitHub repository mruby/mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416 Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/99e6df06-b9f7-4c53-a722-6bb89fbfb51f",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/99e6df06-b9f7-4c53-a722-6bb89fbfb51f"
},
{
"name": "https://github.com/mruby/mruby/commit/aa7f98dedb68d735a1665d3a289036c88b0c47ce",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/aa7f98dedb68d735a1665d3a289036c88b0c47ce"
}
]
},
"source": {
"advisory": "99e6df06-b9f7-4c53-a722-6bb89fbfb51f",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1934",
"datePublished": "2022-05-31T02:20:12.000Z",
"dateReserved": "2022-05-30T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:24:42.561Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1427 (GCVE-0-2022-1427)
Vulnerability from nvd – Published: 2022-04-22 23:35 – Updated: 2024-08-03 00:03
VLAI?
Title
Out-of-bounds Read in mrb_obj_is_kind_of in in mruby/mruby
Summary
Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited.
Severity ?
7.7 (High)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:03:06.197Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/23b6f0a9-64f5-421e-a55f-b5b7a671f301"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/a4d97934d51cb88954cc49161dc1d151f64afb6b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-22T23:35:09.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/23b6f0a9-64f5-421e-a55f-b5b7a671f301"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/a4d97934d51cb88954cc49161dc1d151f64afb6b"
}
],
"source": {
"advisory": "23b6f0a9-64f5-421e-a55f-b5b7a671f301",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in mrb_obj_is_kind_of in in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1427",
"STATE": "PUBLIC",
"TITLE": "Out-of-bounds Read in mrb_obj_is_kind_of in in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125 Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/23b6f0a9-64f5-421e-a55f-b5b7a671f301",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/23b6f0a9-64f5-421e-a55f-b5b7a671f301"
},
{
"name": "https://github.com/mruby/mruby/commit/a4d97934d51cb88954cc49161dc1d151f64afb6b",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/a4d97934d51cb88954cc49161dc1d151f64afb6b"
}
]
},
"source": {
"advisory": "23b6f0a9-64f5-421e-a55f-b5b7a671f301",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1427",
"datePublished": "2022-04-22T23:35:09.000Z",
"dateReserved": "2022-04-21T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:03:06.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1286 (GCVE-0-2022-1286)
Vulnerability from nvd – Published: 2022-04-10 10:40 – Updated: 2024-08-02 23:55
VLAI?
Title
heap-buffer-overflow in mrb_vm_exec in mruby/mruby in mruby/mruby
Summary
heap-buffer-overflow in mrb_vm_exec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.
Severity ?
5.9 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:24.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/f918376e-b488-4113-963d-ffe8716e4189"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/b1d0296a937fe278239bdfac840a3fd0e93b3ee9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "heap-buffer-overflow in mrb_vm_exec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-10T10:40:09.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/f918376e-b488-4113-963d-ffe8716e4189"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/b1d0296a937fe278239bdfac840a3fd0e93b3ee9"
}
],
"source": {
"advisory": "f918376e-b488-4113-963d-ffe8716e4189",
"discovery": "EXTERNAL"
},
"title": "heap-buffer-overflow in mrb_vm_exec in mruby/mruby in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1286",
"STATE": "PUBLIC",
"TITLE": "heap-buffer-overflow in mrb_vm_exec in mruby/mruby in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "heap-buffer-overflow in mrb_vm_exec in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122 Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/f918376e-b488-4113-963d-ffe8716e4189",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/f918376e-b488-4113-963d-ffe8716e4189"
},
{
"name": "https://github.com/mruby/mruby/commit/b1d0296a937fe278239bdfac840a3fd0e93b3ee9",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/b1d0296a937fe278239bdfac840a3fd0e93b3ee9"
}
]
},
"source": {
"advisory": "f918376e-b488-4113-963d-ffe8716e4189",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1286",
"datePublished": "2022-04-10T10:40:09.000Z",
"dateReserved": "2022-04-09T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:55:24.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1276 (GCVE-0-2022-1276)
Vulnerability from nvd – Published: 2022-04-10 09:35 – Updated: 2024-08-02 23:55
VLAI?
Title
Out-of-bounds Read in mrb_get_args in mruby/mruby
Summary
Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.
Severity ?
8.4 (High)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:24.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/6ea041d1-e2aa-472c-bf3e-da5fa8726c25"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/c8c083cb750606b2da81582cd8e43b442bb143e6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-10T09:35:10.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/6ea041d1-e2aa-472c-bf3e-da5fa8726c25"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/c8c083cb750606b2da81582cd8e43b442bb143e6"
}
],
"source": {
"advisory": "6ea041d1-e2aa-472c-bf3e-da5fa8726c25",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in mrb_get_args in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1276",
"STATE": "PUBLIC",
"TITLE": "Out-of-bounds Read in mrb_get_args in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125 Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/6ea041d1-e2aa-472c-bf3e-da5fa8726c25",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/6ea041d1-e2aa-472c-bf3e-da5fa8726c25"
},
{
"name": "https://github.com/mruby/mruby/commit/c8c083cb750606b2da81582cd8e43b442bb143e6",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/c8c083cb750606b2da81582cd8e43b442bb143e6"
}
]
},
"source": {
"advisory": "6ea041d1-e2aa-472c-bf3e-da5fa8726c25",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1276",
"datePublished": "2022-04-10T09:35:10.000Z",
"dateReserved": "2022-04-08T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:55:24.623Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1212 (GCVE-0-2022-1212)
Vulnerability from nvd – Published: 2022-04-05 03:45 – Updated: 2024-08-02 23:55
VLAI?
Title
Use-After-Free in str_escape in mruby/mruby in mruby/mruby
Summary
Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.
Severity ?
9.3 (Critical)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:24.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/9fcc06d0-08e4-49c8-afda-2cae40946abe"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/3cf291f72224715942beaf8553e42ba8891ab3c6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-05T03:45:19.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/9fcc06d0-08e4-49c8-afda-2cae40946abe"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/3cf291f72224715942beaf8553e42ba8891ab3c6"
}
],
"source": {
"advisory": "9fcc06d0-08e4-49c8-afda-2cae40946abe",
"discovery": "EXTERNAL"
},
"title": "Use-After-Free in str_escape in mruby/mruby in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1212",
"STATE": "PUBLIC",
"TITLE": "Use-After-Free in str_escape in mruby/mruby in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416 Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/9fcc06d0-08e4-49c8-afda-2cae40946abe",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/9fcc06d0-08e4-49c8-afda-2cae40946abe"
},
{
"name": "https://github.com/mruby/mruby/commit/3cf291f72224715942beaf8553e42ba8891ab3c6",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/3cf291f72224715942beaf8553e42ba8891ab3c6"
}
]
},
"source": {
"advisory": "9fcc06d0-08e4-49c8-afda-2cae40946abe",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1212",
"datePublished": "2022-04-05T03:45:19.000Z",
"dateReserved": "2022-04-04T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:55:24.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1201 (GCVE-0-2022-1201)
Vulnerability from nvd – Published: 2022-04-02 07:45 – Updated: 2024-08-02 23:55
VLAI?
Title
NULL Pointer Dereference in mrb_vm_exec with super in mruby/mruby
Summary
NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system.
Severity ?
7.1 (High)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:24.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/6f930add-c9d8-4870-ae56-d4bd8354703b"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/00acae117da1b45b318dc36531a7b0021b8097ae"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-02T07:45:34.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/6f930add-c9d8-4870-ae56-d4bd8354703b"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/00acae117da1b45b318dc36531a7b0021b8097ae"
}
],
"source": {
"advisory": "6f930add-c9d8-4870-ae56-d4bd8354703b",
"discovery": "EXTERNAL"
},
"title": "NULL Pointer Dereference in mrb_vm_exec with super in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1201",
"STATE": "PUBLIC",
"TITLE": "NULL Pointer Dereference in mrb_vm_exec with super in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476 NULL Pointer Dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/6f930add-c9d8-4870-ae56-d4bd8354703b",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/6f930add-c9d8-4870-ae56-d4bd8354703b"
},
{
"name": "https://github.com/mruby/mruby/commit/00acae117da1b45b318dc36531a7b0021b8097ae",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/00acae117da1b45b318dc36531a7b0021b8097ae"
}
]
},
"source": {
"advisory": "6f930add-c9d8-4870-ae56-d4bd8354703b",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1201",
"datePublished": "2022-04-02T07:45:34.000Z",
"dateReserved": "2022-04-01T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:55:24.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1106 (GCVE-0-2022-1106)
Vulnerability from nvd – Published: 2022-03-27 14:05 – Updated: 2024-08-02 23:55
VLAI?
Title
use after free in mrb_vm_exec in mruby/mruby
Summary
use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.
Severity ?
7.2 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:23.753Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-27T14:05:10.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c"
}
],
"source": {
"advisory": "16b9d0ea-71ed-41bc-8a88-2deb4c20be8f",
"discovery": "EXTERNAL"
},
"title": "use after free in mrb_vm_exec in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1106",
"STATE": "PUBLIC",
"TITLE": "use after free in mrb_vm_exec in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416 Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f"
},
{
"name": "https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c"
}
]
},
"source": {
"advisory": "16b9d0ea-71ed-41bc-8a88-2deb4c20be8f",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1106",
"datePublished": "2022-03-27T14:05:10.000Z",
"dateReserved": "2022-03-26T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:55:23.753Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1071 (GCVE-0-2022-1071)
Vulnerability from nvd – Published: 2022-03-26 03:40 – Updated: 2024-08-02 23:47
VLAI?
Title
User after free in mrb_vm_exec in mruby/mruby
Summary
User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.
Severity ?
7.7 (High)
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:43.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-26T03:40:10.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f"
}
],
"source": {
"advisory": "6597ece9-07af-415b-809b-919ce0a17cf3",
"discovery": "EXTERNAL"
},
"title": "User after free in mrb_vm_exec in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-1071",
"STATE": "PUBLIC",
"TITLE": "User after free in mrb_vm_exec in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416 Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3"
},
{
"name": "https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f"
}
]
},
"source": {
"advisory": "6597ece9-07af-415b-809b-919ce0a17cf3",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-1071",
"datePublished": "2022-03-26T03:40:10.000Z",
"dateReserved": "2022-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:47:43.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0890 (GCVE-0-2022-0890)
Vulnerability from nvd – Published: 2022-03-10 01:10 – Updated: 2024-08-02 23:47
VLAI?
Title
NULL Pointer Dereference in mruby/mruby
Summary
NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2.
Severity ?
5.5 (Medium)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:42.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-10T01:10:09.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa"
}
],
"source": {
"advisory": "68e09ec1-6cc7-48b8-981d-30f478c70276",
"discovery": "EXTERNAL"
},
"title": "NULL Pointer Dereference in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0890",
"STATE": "PUBLIC",
"TITLE": "NULL Pointer Dereference in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476 NULL Pointer Dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276"
},
{
"name": "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa"
}
]
},
"source": {
"advisory": "68e09ec1-6cc7-48b8-981d-30f478c70276",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0890",
"datePublished": "2022-03-10T01:10:09.000Z",
"dateReserved": "2022-03-09T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:47:42.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0717 (GCVE-0-2022-0717)
Vulnerability from nvd – Published: 2022-02-23 02:05 – Updated: 2024-08-02 23:40
VLAI?
Title
Out-of-bounds Read in mruby/mruby
Summary
Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2.
Severity ?
6.8 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:40:03.266Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-23T02:05:11.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76"
}
],
"source": {
"advisory": "27a851a5-7ebf-409b-854f-b2614771e8f9",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0717",
"STATE": "PUBLIC",
"TITLE": "Out-of-bounds Read in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125 Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9"
},
{
"name": "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76"
}
]
},
"source": {
"advisory": "27a851a5-7ebf-409b-854f-b2614771e8f9",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0717",
"datePublished": "2022-02-23T02:05:11.000Z",
"dateReserved": "2022-02-22T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:40:03.266Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0632 (GCVE-0-2022-0632)
Vulnerability from nvd – Published: 2022-02-19 14:00 – Updated: 2024-08-02 23:32
VLAI?
Title
NULL Pointer Dereference in mruby/mruby
Summary
NULL Pointer Dereference in Homebrew mruby prior to 3.2.
Severity ?
5.5 (Medium)
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:32:46.436Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NULL Pointer Dereference in Homebrew mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-19T14:00:12.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d"
}
],
"source": {
"advisory": "3e5bb8f6-30fd-4553-86dd-761e9459ce1b",
"discovery": "EXTERNAL"
},
"title": "NULL Pointer Dereference in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0632",
"STATE": "PUBLIC",
"TITLE": "NULL Pointer Dereference in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NULL Pointer Dereference in Homebrew mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476 NULL Pointer Dereference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b"
},
{
"name": "https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d"
}
]
},
"source": {
"advisory": "3e5bb8f6-30fd-4553-86dd-761e9459ce1b",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0632",
"datePublished": "2022-02-19T14:00:12.000Z",
"dateReserved": "2022-02-16T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:32:46.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0630 (GCVE-0-2022-0630)
Vulnerability from nvd – Published: 2022-02-19 13:55 – Updated: 2024-08-02 23:32
VLAI?
Title
Out-of-bounds Read in mruby/mruby
Summary
Out-of-bounds Read in Homebrew mruby prior to 3.2.
Severity ?
7.1 (High)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:32:46.461Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in Homebrew mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-19T13:55:09.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32"
}
],
"source": {
"advisory": "f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0630",
"STATE": "PUBLIC",
"TITLE": "Out-of-bounds Read in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds Read in Homebrew mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125 Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
},
{
"name": "https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32"
}
]
},
"source": {
"advisory": "f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0630",
"datePublished": "2022-02-19T13:55:09.000Z",
"dateReserved": "2022-02-16T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:32:46.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0631 (GCVE-0-2022-0631)
Vulnerability from nvd – Published: 2022-02-18 13:55 – Updated: 2024-08-02 23:32
VLAI?
Title
Heap-based Buffer Overflow in mruby/mruby
Summary
Heap-based Buffer Overflow in Homebrew mruby prior to 3.2.
Severity ?
5.9 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:32:46.546Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap-based Buffer Overflow in Homebrew mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-18T13:55:10.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299"
}
],
"source": {
"advisory": "9bdc49ca-6697-4adc-a785-081e1961bf40",
"discovery": "EXTERNAL"
},
"title": "Heap-based Buffer Overflow in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0631",
"STATE": "PUBLIC",
"TITLE": "Heap-based Buffer Overflow in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow in Homebrew mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122 Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40"
},
{
"name": "https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299"
}
]
},
"source": {
"advisory": "9bdc49ca-6697-4adc-a785-081e1961bf40",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0631",
"datePublished": "2022-02-18T13:55:10.000Z",
"dateReserved": "2022-02-16T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:32:46.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0623 (GCVE-0-2022-0623)
Vulnerability from nvd – Published: 2022-02-17 06:30 – Updated: 2024-08-02 23:32
VLAI?
Title
Out-of-bounds Read in mruby/mruby
Summary
Out-of-bounds Read in Homebrew mruby prior to 3.2.
Severity ?
6.5 (Medium)
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:32:46.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/5b908ac7-d8f1-4fcd-9355-85df565f7580"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds Read in Homebrew mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-17T06:30:10.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/5b908ac7-d8f1-4fcd-9355-85df565f7580"
}
],
"source": {
"advisory": "5b908ac7-d8f1-4fcd-9355-85df565f7580",
"discovery": "EXTERNAL"
},
"title": "Out-of-bounds Read in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0623",
"STATE": "PUBLIC",
"TITLE": "Out-of-bounds Read in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Out-of-bounds Read in Homebrew mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125 Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
},
{
"name": "https://huntr.dev/bounties/5b908ac7-d8f1-4fcd-9355-85df565f7580",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/5b908ac7-d8f1-4fcd-9355-85df565f7580"
}
]
},
"source": {
"advisory": "5b908ac7-d8f1-4fcd-9355-85df565f7580",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0623",
"datePublished": "2022-02-17T06:30:10.000Z",
"dateReserved": "2022-02-16T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:32:46.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0614 (GCVE-0-2022-0614)
Vulnerability from nvd – Published: 2022-02-16 09:40 – Updated: 2024-08-02 23:32
VLAI?
Title
Use of Out-of-range Pointer Offset in mruby/mruby
Summary
Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2.
Severity ?
8.4 (High)
CWE
- CWE-823 - Use of Out-of-range Pointer Offset
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| mruby | mruby/mruby |
Affected:
unspecified , < 3.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:32:46.442Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/a980ce4d-c359-4425-92c4-e844c0055879"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "mruby/mruby",
"vendor": "mruby",
"versions": [
{
"lessThan": "3.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-823",
"description": "CWE-823 Use of Out-of-range Pointer Offset",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-16T09:40:09.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/a980ce4d-c359-4425-92c4-e844c0055879"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
}
],
"source": {
"advisory": "a980ce4d-c359-4425-92c4-e844c0055879",
"discovery": "EXTERNAL"
},
"title": "Use of Out-of-range Pointer Offset in mruby/mruby",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-0614",
"STATE": "PUBLIC",
"TITLE": "Use of Out-of-range Pointer Offset in mruby/mruby"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "mruby/mruby",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "3.2"
}
]
}
}
]
},
"vendor_name": "mruby"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-823 Use of Out-of-range Pointer Offset"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/a980ce4d-c359-4425-92c4-e844c0055879",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/a980ce4d-c359-4425-92c4-e844c0055879"
},
{
"name": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"refsource": "MISC",
"url": "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad"
}
]
},
"source": {
"advisory": "a980ce4d-c359-4425-92c4-e844c0055879",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0614",
"datePublished": "2022-02-16T09:40:10.000Z",
"dateReserved": "2022-02-15T00:00:00.000Z",
"dateUpdated": "2024-08-02T23:32:46.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}