CVE-2022-052509.02.2022, 04:15Out-of-bounds Read in Homebrew mruby prior to 3.2.EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST9.1 CRITICALNETWORKLOWNONECVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H@huntrdevCNA8.4 HIGHLOCALLOWNONECVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCVEADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 51%VendorProductVersionmrubymruby𝑥≤ 3.1𝑥= Vulnerable software versionsDebian ReleasesDebian ProductCodenamemrubybullseye2.1.2-3fixedbookworm3.1.0-3fixedsid3.3.0-1fixedtrixie3.3.0-1fixedUbuntu ReleasesUbuntu ProductCodenamemrubynobleneeds-triagemanticignoredlunarignoredkineticignoredjammyneeds-triageimpishignoredfocalneeds-triagebionicneeds-triagexenialneeds-triagetrustyignoredKnown Exploits!https://huntr.dev/bounties/e19e109f-acf0-4048-8ee8-1b10a870f1e9https://huntr.dev/bounties/e19e109f-acf0-4048-8ee8-1b10a870f1e9Common Weakness EnumerationCWE-125 - Out-of-bounds ReadThe software reads data past the end, or before the beginning, of the intended buffer.Referenceshttps://github.com/mruby/mruby/commit/0849a2885f81cfd82134992c06df3ccd59052ac7https://huntr.dev/bounties/e19e109f-acf0-4048-8ee8-1b10a870f1e9https://github.com/mruby/mruby/commit/0849a2885f81cfd82134992c06df3ccd59052ac7https://huntr.dev/bounties/e19e109f-acf0-4048-8ee8-1b10a870f1e9
