Download
| Alert*
oval:org.secpod.oval:def:603700
mruby is installed oval:org.secpod.oval:def:2001631 An issue was discovered in mruby 1.4.1. There is a heap-based buffer over-read associated with OP_ENTER because mrbgems/mruby-fiber/src/fiber.c does not extend the stack in cases of many arguments to fiber. oval:org.secpod.oval:def:2000920 The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrb_str_resize function in string.c does not check for a negative length. oval:org.secpod.oval:def:2000839 An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class_real because "class BasicObject" is not properly supported in class.c. oval:org.secpod.oval:def:2000028 The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS objects, which allows attackers to cause a denial of service or possibly have unspecified other impact. oval:org.secpod.oval:def:2000884 In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c::mrb_vm_exec when handling OP_GETUPVAR in the presence of deep scope nesting, resulting in a use-after-free. An attacker that can cause Ruby code to be run can use this to possibly execute arbitrary code. oval:org.secpod.oval:def:2000643 The mark_context_stack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rb file. |