Published: 12/06/2018 Updated: 01/08/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

An issue exists in mruby 1.4.1. There is a NULL pointer dereference in mrb_class, related to certain .clone usage, because mrb_obj_clone in kernel.c copies flags other than the MRB_FLAG_IS_FROZEN flag (e.g., the embedded flag).

Github Repositories

A grammar based feedback Fuzzer

Nautilus 20 Nautilus is a coverage guided, grammar based fuzzer You can use it to improve your test coverage and find more bugs By specifying the grammar of semi valid inputs, Nautilus is able to perform complex mutation and to uncover more interesting test cases Many of the ideas behind this fuzzer are documented in a Paper published at NDSS 2019 Version 20 has adde