Vulnerability Details CVE-2025-13397
A security vulnerability has been detected in mrubyc up to 3.4. This impacts the function mrbc_raw_realloc of the file src/alloc.c. Such manipulation of the argument ptr leads to null pointer dereference. An attack has to be approached locally. The name of the patch is 009111904807b8567262036bf45297c3da8f1c87. It is advisable to implement a patch to correct this issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.0%
CVSS Severity
CVSS v3 Score 3.3
CVSS v2 Score 1.7
References
Products affected by CVE-2025-13397
-
cpe:2.3:a:s-itoc:mruby/c:1.0
-
cpe:2.3:a:s-itoc:mruby/c:1.1
-
cpe:2.3:a:s-itoc:mruby/c:1.2
-
cpe:2.3:a:s-itoc:mruby/c:2.0
-
cpe:2.3:a:s-itoc:mruby/c:2.1
-
cpe:2.3:a:s-itoc:mruby/c:3.1
-
cpe:2.3:a:s-itoc:mruby/c:3.2
-
cpe:2.3:a:s-itoc:mruby/c:3.3
-
cpe:2.3:a:s-itoc:mruby/c:3.3.1
-
cpe:2.3:a:s-itoc:mruby/c:3.4