Vulnerability Database

309,136

Total vulnerabilities in the database

CVE-2018-12248

An issue was discovered in mruby 1.4.1. There is a heap-based buffer over-read associated with OP_ENTER because mrbgems/mruby-fiber/src/fiber.c does not extend the stack in cases of many arguments to fiber.

Published: Jun 12, 2018
Updated: Nov 9, 2025
CVE: CVE-2018-12248
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-125

Affected Software
References

Software	From	Fixed in
mruby / mruby	1.4.1	1.4.1.x

https://github.com/mruby/mruby/commit/778500563a9f7ceba996937dc886bd8cde29b42b
https://github.com/mruby/mruby/issues/4038

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo