Security Advisory

CVE-2018-10199

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-04-18 15:00:00

Last updated 2024-09-16 21:58:11

Assigner mitre

State PUBLISHED

Description

In versions of mruby up to and including 1.4.0, a use-after-free vulnerability exists in src/io.c::File#initilialize_copy(). An attacker that can cause Ruby code to be run can possibly use this to execute arbitrary code.

← Browse all CVEs View on cve.org ↗