Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2020-36401

Disclosure Date: July 01, 2021 (last updated February 22, 2025)
mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free).
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-15866

Disclosure Date: July 21, 2020 (last updated February 21, 2025)
mruby through 2.1.2-rc has a heap-based buffer overflow in the mrb_yield_with_class function in vm.c because of incorrect VM stack handling. It can be triggered via the stack_copy function.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0