CVE-2022-1427

Опубликовано: 23 апр. 2022

Источник: debian

Описание

Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
mruby	fixed	3.1.0-1		package
mruby	no-dsa		bullseye	package
mruby	no-dsa		buster	package
mruby	not-affected		stretch	package

Примечания

https://huntr.dev/bounties/23b6f0a9-64f5-421e-a55f-b5b7a671f301
https://github.com/mruby/mruby/commit/a4d97934d51cb88954cc49161dc1d151f64afb6b

Связанные уязвимости

CVE-2022-1427

CVSS3: 7.8

ubuntu

почти 4 года назад

Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited.

CVE-2022-1427

CVSS3: 7.8

nvd

почти 4 года назад

Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited.

GHSA-45gc-6g92-9g2j

CVSS3: 7.8

github

почти 4 года назад

Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited.