CVE-2022-1201 Information
Jun 07, 2022
cve
Description
NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash thus affecting the availability of the system.
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Reference
https://huntr.dev/bounties/6f930add-c9d8-4870-ae56-d4bd8354703b https://github.com/mruby/mruby/commit/00acae117da1b45b318dc36531a7b0021b8097ae
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
NONE
Confidentiality Impact
CHANGED
Integrity Impact
NONE
Availability Impact
NONE
Base Score
HIGH
Base Severity
6.5
Share on: