Mruby ≫ Mruby

NULL Pointer Dereference in Homebrew mruby prior to 3.2.

mruby is vulnerable to NULL Pointer Dereference

An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can lead to a segmentation fault or application crash.

mruby is vulnerable to Heap-based Buffer Overflow

mruby is vulnerable to NULL Pointer Dereference

mruby is vulnerable to NULL Pointer Dereference

mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free).

mruby through 2.1.2-rc has a heap-based buffer overflow in the mrb_yield_with_class function in vm.c because of incorrect VM stack handling. It can be triggered via the stack_copy function.

In mruby 2.1.0, there is a use-after-free in hash_slice in mrbgems/mruby-hash-ext/src/hash-ext.c.

In mruby 2.1.0, there is a stack-based buffer overflow in mrb_str_len_to_dbl in string.c.