漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
mruby JMPNOT-to-JMPIF Optimization vm.c mrb_vm_exec use after free
漏洞信息
A flaw has been found in mruby up to 3.4.0. This affects the function mrb_vm_exec of the file src/vm.c of the component JMPNOT-to-JMPIF Optimization. Executing a manipulation can lead to use after free. The attack needs to be launched locally. The exploit has been published and may be used. This patch is called e50f15c1c6e131fa7934355eb02b8173b13df415. It is advisable to implement a patch to correct this issue.
漏洞信息
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
漏洞
释放后使用
漏洞
mruby 资源管理错误漏洞
漏洞信息
mruby是makesoftwaresafe开源的一款Ruby语言的轻量级实现。 mruby 3.4.0及之前版本存在资源管理错误漏洞,该漏洞源于JMPNOT-to-JMPIF Optimization组件中src/vm.c文件的mrb_vm_exec函数存在缺陷,可能导致释放后重用。
漏洞信息
N/A
漏洞
N/A