CVE-2022-1201

Name
CVE-2022-1201
Description
NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
CONFIRM https://huntr.dev/bounties/6f930add-c9d8-4870-ae56-d4bd8354703b
MISC https://github.com/mruby/mruby/commit/00acae117da1b45b318dc36531a7b0021b8097ae

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:brew:mruby:*:*:*:*:*:ruby:*:* ruby-mruby >= None < 3.2

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
mruby 3.17-community 3.1.0-r0 Jakub Jirutka <jakub@jirutka.cz> fixed