CVE-2020-36401

Published: 1 July 2021

mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free).

Priority

CVSS 3 base score: 7.8

Status

Package	Release	Status
mruby Launchpad, Ubuntu, Debian	bionic	Needs triage
	focal	Needs triage
	groovy	Ignored (reached end-of-life)
	hirsute	Ignored (reached end-of-life)
	impish	Needed
	jammy	Needed
	trusty	Does not exist
	upstream	Released (3.0.0)
	xenial	Ignored (out of standard support)

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.