| Advisory
Products
MOOLE SCA
Continuous visibility into open-source risk
MOOLE Container Security
End-to-end container defense across the SDLC
MOOLE SAST
Static application security testing for source code
About Us
CVE-2022-1071
Vulnerability Database
CVE-2022-1071
Base Score
HIGH
8.2
CVE-2022-1071
User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.
Vector
LOCAL
Published By
security@huntr.dev
Published Date
Mar 26, 2022, 04:15
Weakness Type (CWE)
:
CWE-416
CVSS Metrics
CVSS v3.1
CVSS v3.0
CVSS v2
Base Score
8.2
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Base Severity
HIGH
Version
3.1
Attack Vector (AV)
LOCAL
Attack Complexity (AC)
LOW
Privileges Required (PR)
LOW
User Interaction (UI)
REQUIRED
Scope (S)
CHANGED
Confidentiality (C)
HIGH
Integrity (I)
HIGH
Availability (A)
HIGH
References
https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f
https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3
Base Score
HIGH
8.2
Weakness Type (CWE)
:
CWE-416
CVSS Metrics
CVSS v3.1
CVSS v3.0
CVSS v2
Base Score
8.2
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Base Severity
HIGH
Version
3.1
Attack Vector (AV)
LOCAL
Attack Complexity (AC)
LOW
Privileges Required (PR)
LOW
User Interaction (UI)
REQUIRED
Scope (S)
CHANGED
Confidentiality (C)
HIGH
Integrity (I)
HIGH
Availability (A)
HIGH
