{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-7207","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2025-07-07T12:21:11.405Z","datePublished":"2025-07-09T00:02:07.237Z","dateUpdated":"2025-07-09T13:08:10.538Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2025-07-09T00:02:07.237Z"},"title":"mruby nregs codegen.c scope_new heap-based overflow","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-122","lang":"en","description":"Heap-based Buffer Overflow"}]},{"descriptions":[{"type":"CWE","cweId":"CWE-119","lang":"en","description":"Memory Corruption"}]}],"affected":[{"vendor":"n/a","product":"mruby","versions":[{"version":"3.4.0-rc1","status":"affected"},{"version":"3.4.0-rc2","status":"affected"}],"modules":["nregs Handler"]}],"descriptions":[{"lang":"en","value":"A vulnerability, which was classified as problematic, was found in mruby up to 3.4.0-rc2. Affected is the function scope_new of the file mrbgems/mruby-compiler/core/codegen.c of the component nregs Handler. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is 1fdd96104180cc0fb5d3cb086b05ab6458911bb9. It is recommended to apply a patch to fix this issue."},{"lang":"de","value":"Es wurde eine Schwachstelle in mruby bis 3.4.0-rc2 gefunden. Sie wurde als problematisch eingestuft. Hiervon betroffen ist die Funktion scope_new der Datei mrbgems/mruby-compiler/core/codegen.c der Komponente nregs Handler. Mittels Manipulieren mit unbekannten Daten kann eine heap-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur öffentlichen Verfügung. Der Patch wird als 1fdd96104180cc0fb5d3cb086b05ab6458911bb9 bezeichnet. Als bestmögliche Massnahme wird Patching empfohlen."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":4.8,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":3.3,"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C","baseSeverity":"LOW"}},{"cvssV3_0":{"version":"3.0","baseScore":3.3,"vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C","baseSeverity":"LOW"}},{"cvssV2_0":{"version":"2.0","baseScore":1.7,"vectorString":"AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C"}}],"timeline":[{"time":"2025-07-07T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2025-07-07T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2025-07-07T14:27:08.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"JJLeo (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.315156","name":"VDB-315156 | mruby nregs codegen.c scope_new heap-based overflow","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.315156","name":"VDB-315156 | CTI Indicators (IOB, IOC, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.607683","name":"Submit #607683 | mruby mruby 3.4.0-rc2 (commit dd68681) Heap-based Buffer Overflow","tags":["third-party-advisory"]},{"url":"https://github.com/mruby/mruby/issues/6509","tags":["issue-tracking"]},{"url":"https://github.com/mruby/mruby/issues/6509#event-17145516649","tags":["issue-tracking"]},{"url":"https://github.com/user-attachments/files/19619499/mruby_crash.txt","tags":["exploit"]},{"url":"https://github.com/mruby/mruby/commit/1fdd96104180cc0fb5d3cb086b05ab6458911bb9","tags":["patch"]}]},"adp":[{"references":[{"url":"https://github.com/mruby/mruby/issues/6509","tags":["exploit"]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-07-09T13:08:07.309680Z","id":"CVE-2025-7207","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-07-09T13:08:10.538Z"}}]}}