mruby
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | An interpreter for the Ruby programming language with the intention of being lightweight and easily embeddable |
| Version | 3.3.0-1 [extra] |
Open
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2644 | 3.0.0-1 | Low | Vulnerable |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-4110 | AVG-2644 | Low | No | Denial of service | mruby is vulnerable to a NULL pointer dereference. |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2116 | 2.1.2-1 | 3.0.0-1 | Medium | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2020-36401 | AVG-2116 | Medium | Yes | Arbitrary code execution | mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free). |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 01 Jul 2021 | ASA-202107-10 | AVG-2116 | Medium | arbitrary code execution |