The mark_context_stack function in gc.c in mruby through 1.2.0 allows attackers to cause a denial of service (heap-based use-after-free and application crash) or possibly have unspecified other. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.
Denial Of Service
Memory Corruption
Use After Free
Mruby
Debian Linux
NVD
GitHub
CVSS 3.1
7.8
EPSS
0.2%