Описание
In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c::mrb_vm_exec() when handling OP_GETUPVAR in the presence of deep scope nesting, resulting in a use-after-free. An attacker that can cause Ruby code to be run can use this to possibly execute arbitrary code.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | not-affected | 1.4.1-2 |
| devel | not-affected | 1.4.1-2 |
| disco | not-affected | 1.4.1-2 |
| eoan | not-affected | 1.4.1-2 |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | not-affected | 1.4.1-2 |
| esm-apps/jammy | not-affected | 1.4.1-2 |
| esm-apps/noble | not-affected | 1.4.1-2 |
Показывать по
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c::mrb_vm_exec() when handling OP_GETUPVAR in the presence of deep scope nesting, resulting in a use-after-free. An attacker that can cause Ruby code to be run can use this to possibly execute arbitrary code.
In versions of mruby up to and including 1.4.0, an integer overflow ex ...
In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c::mrb_vm_exec() when handling OP_GETUPVAR in the presence of deep scope nesting, resulting in a use-after-free. An attacker that can cause Ruby code to be run can use this to possibly execute arbitrary code.
7.5 High
CVSS2
9.8 Critical
CVSS3