CVE-2021-418830.12.2021, 07:15mruby is vulnerable to NULL Pointer DereferenceEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTPrimary7.5 HIGHNETWORKLOWNONECVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HBase ScoreCVSS 3.xEPSS ScorePercentile: UnknownAffected Products (NVD)VendorProductVersionmrubymruby𝑥≤ 3.0.0𝑥= Vulnerable software versionsDebian ReleasesDebian ProductCodenamemrubybookworm3.1.0-3fixedbullseye2.1.2-3fixedsid3.3.0-1fixedtrixie3.3.0-1fixedUbuntu ReleasesUbuntu ProductCodenamemrubybionicneeds-triagefocalneeds-triagehirsuteignoredimpishignoredjammyneeds-triagekineticignoredlunarignoredmanticignorednobleneeds-triagetrustyignoredxenialneeds-triageKnown Exploits!https://huntr.dev/bounties/78533fb9-f3e0-47c2-86dc-d1f96d5bea28https://huntr.dev/bounties/78533fb9-f3e0-47c2-86dc-d1f96d5bea28Common Weakness EnumerationCWE-476 - NULL Pointer DereferenceA NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.Referenceshttps://github.com/mruby/mruby/commit/27d1e0132a0804581dca28df042e7047fd27eaa8https://huntr.dev/bounties/78533fb9-f3e0-47c2-86dc-d1f96d5bea28https://github.com/mruby/mruby/commit/27d1e0132a0804581dca28df042e7047fd27eaa8https://huntr.dev/bounties/78533fb9-f3e0-47c2-86dc-d1f96d5bea28
