CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-12247

An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class, related to certain .clone usage, because mrb_obj_clone in kernel.c copies flags other than the MRB_FLAG_IS_FROZEN flag (e.g., the embedded flag).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.7%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://github.com/mruby/mruby/commit/55edae0226409de25e59922807cb09acb45731a2
https://github.com/mruby/mruby/issues/4036
https://github.com/mruby/mruby/commit/55edae0226409de25e59922807cb09acb45731a2
https://github.com/mruby/mruby/issues/4036

Products affected by CVE-2018-12247

Mruby » Mruby » Version: 1.4.1

cpe:2.3:a:mruby:mruby:1.4.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-12247

Products

Pricing

Contact Us