The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS objects, which allows malicious users to cause a denial of service (mrb_hash_keys uninitialized pointer and application crash) or possibly have unspecified other impact.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mruby mruby 1.4.1 |
||
debian debian linux 9.0 |