Vulnerabilities > Mruby

DATE CVE VULNERABILITY TITLE RISK
2022-01-17 CVE-2022-0240 Unspecified vulnerability in Mruby
mruby is vulnerable to NULL Pointer Dereference
network
low complexity
mruby
7.5
2022-01-14 CVE-2021-46020 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mruby 3.0.0
An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can lead to a segmentation fault or application crash.
network
low complexity
mruby CWE-119
7.5
2022-01-02 CVE-2022-0080 Unspecified vulnerability in Mruby
mruby is vulnerable to Heap-based Buffer Overflow
network
low complexity
mruby
critical
9.8
2021-12-30 CVE-2021-4188 NULL Pointer Dereference vulnerability in Mruby
mruby is vulnerable to NULL Pointer Dereference
network
low complexity
mruby CWE-476
7.5
2021-12-15 CVE-2021-4110 Unspecified vulnerability in Mruby
mruby is vulnerable to NULL Pointer Dereference
network
low complexity
mruby
7.5
2021-07-01 CVE-2020-36401 Double Free vulnerability in Mruby 2.1.2
mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free).
local
low complexity
mruby CWE-415
7.8
2020-07-21 CVE-2020-15866 Out-of-bounds Write vulnerability in multiple products
mruby through 2.1.2-rc has a heap-based buffer overflow in the mrb_yield_with_class function in vm.c because of incorrect VM stack handling.
network
low complexity
mruby debian CWE-787
critical
9.8
2020-01-11 CVE-2020-6840 Use After Free vulnerability in Mruby 2.1.0
In mruby 2.1.0, there is a use-after-free in hash_slice in mrbgems/mruby-hash-ext/src/hash-ext.c.
network
low complexity
mruby CWE-416
critical
9.8
2020-01-11 CVE-2020-6839 Out-of-bounds Write vulnerability in Mruby 2.1.0
In mruby 2.1.0, there is a stack-based buffer overflow in mrb_str_len_to_dbl in string.c.
network
low complexity
mruby CWE-787
critical
9.8
2020-01-11 CVE-2020-6838 Use After Free vulnerability in Mruby 2.1.0
In mruby 2.1.0, there is a use-after-free in hash_values_at in mrbgems/mruby-hash-ext/src/hash-ext.c.
network
low complexity
mruby CWE-416
critical
9.8