CVE-2022-1071

HIGH

Mruby < 3.1 - Use After Free

Title source: rule

User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2.

Core 2

Core References

Exploit, Patch, Third Party Advisory x_refsource_confirm

Patch, Third Party Advisory x_refsource_misc

CVSS v3 8.2

EPSS 0.0032

EPSS Percentile 55.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

CWE

CWE-416

Status published

Products (1)

mruby/mruby < 3.1

Published Mar 26, 2022

Tracked Since Feb 18, 2026