CVE-2021-418830.12.2021, 07:15mruby is vulnerable to NULL Pointer DereferenceEnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST7.5 HIGHNETWORKLOWNONECVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H@huntrdevCNA6.8 MEDIUMLOCALLOWNONECVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:HCVEADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 50%VendorProductVersionmrubymruby𝑥≤ 3.0.0𝑥= Vulnerable software versionsDebian ReleasesDebian ProductCodenamemrubybullseye2.1.2-3fixedbookworm3.1.0-3fixedsid3.3.0-1fixedtrixie3.3.0-1fixedUbuntu ReleasesUbuntu ProductCodenamemrubynobleneeds-triagemanticignoredlunarignoredkineticignoredjammyneeds-triageimpishignoredhirsuteignoredfocalneeds-triagebionicneeds-triagexenialneeds-triagetrustyignoredKnown Exploits!https://huntr.dev/bounties/78533fb9-f3e0-47c2-86dc-d1f96d5bea28https://huntr.dev/bounties/78533fb9-f3e0-47c2-86dc-d1f96d5bea28Common Weakness EnumerationCWE-476 - NULL Pointer DereferenceA NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.Referenceshttps://github.com/mruby/mruby/commit/27d1e0132a0804581dca28df042e7047fd27eaa8https://huntr.dev/bounties/78533fb9-f3e0-47c2-86dc-d1f96d5bea28https://github.com/mruby/mruby/commit/27d1e0132a0804581dca28df042e7047fd27eaa8https://huntr.dev/bounties/78533fb9-f3e0-47c2-86dc-d1f96d5bea28
