Описание
Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.
Ссылки
- PatchThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- PatchThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.0.0 (включая)
Одно из
cpe:2.3:a:mruby:mruby:*:*:*:*:*:*:*:*
cpe:2.3:a:mruby:mruby:3.1.0:rc:*:*:*:*:*:*
cpe:2.3:a:mruby:mruby:3.1.0:rc2:*:*:*:*:*:*
EPSS
Процентиль: 56%
0.00332
Низкий
9.3 Critical
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-416
Связанные уязвимости
CVSS3: 9.8
ubuntu
почти 4 года назад
Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.
CVSS3: 9.8
debian
почти 4 года назад
Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby ...
CVSS3: 9.8
github
почти 4 года назад
Use-After-Free in str_escape in mruby/mruby in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.
EPSS
Процентиль: 56%
0.00332
Низкий
9.3 Critical
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-416