Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
mruby array.c sort_cmp use after free
Vulnerability Description
A vulnerability has been found in mruby up to 3.4.0. This vulnerability affects the function sort_cmp of the file src/array.c. Such manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is eb398971bfb43c38db3e04528b68ac9a7ce509bc. It is advisable to implement a patch to correct this issue.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
释放后使用
Vulnerability Title
mruby 资源管理错误漏洞
Vulnerability Description
mruby是makesoftwaresafe开源的一款Ruby语言的轻量级实现。 mruby 3.4.0及之前版本存在资源管理错误漏洞,该漏洞源于文件src/array.c中sort_cmp函数存在释放后重用问题。
CVSS Information
N/A
Vulnerability Type
N/A