CVE-2022-1201 — Vulnetix

CVE-2022-1201 PUBLISHED CVSS 7.099999904632568 HIGH

NULL Pointer Dereference in mrb_vm_exec with super in GitHub repository mruby/mruby prior to 3.2. This vulnerability is capable of making the mruby interpreter crash, thus affecting the availability of the system.

EPSS 0.13% · 32.4th percentile

Risk Scores

CVSS v3.0

7.099999904632568

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS Score

0.13%

32.4th percentile

Affected Products

Vendor	Product	Versions
mruby	mruby/mruby	*
mruby	mruby	0

Timeline

Apr 2, 2022 EPSS Score
Apr 2, 2022 CVE Published
May 23, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 2, 2022 EPSS Score
Oct 22, 2022 EPSS Score
Dec 12, 2022 EPSS Score
Jan 31, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 23, 2023 EPSS Score
May 12, 2023 EPSS Score
Jul 2, 2023 EPSS Score

References

https://huntr.dev/bounties/6f930add-c9d8-4870-ae56-d4bd8354703b url
https://github.com/mruby/mruby/commit/00acae117da1b45b318dc36531a7b0021b8097ae url
https://nvd.nist.gov/vuln/detail/CVE-2022-1201 advisory

Open in Interactive Console →