CVE-2025-12875

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-12875
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-12875.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-12875
Downstream
Published
2025-11-07T21:15:40.557Z
Modified
2026-04-12T14:04:26.768612Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. This patch is called 93619f06dd378db6766666b30c08978311c7ec94. It is best practice to apply a patch to resolve this issue.

References

Affected packages

Git / github.com/makesoftwaresafe/mruby

Affected ranges

Type
GIT
Repo
https://github.com/makesoftwaresafe/mruby
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
93619f06dd378db6766666b30c08978311c7ec94
Type
GIT
Repo
https://github.com/mruby/mruby
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a309524d0bc90eef077a24634db2495a6f68e318
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.4.0"
        }
    ]
}

Affected versions

1.*
1.0.0
1.1.0
1.2.0
3.*
3.0.0-preview
3.4.0
3.4.0-rc
3.4.0-rc2

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-12875.json"
vanir_signatures 
[
    {
        "digest": {
            "length": 551.0,
            "function_hash": "149353290322833323444482070843092751315"
        },
        "id": "CVE-2025-12875-93c2cc12",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/makesoftwaresafe/mruby/commit/93619f06dd378db6766666b30c08978311c7ec94",
        "target": {
            "function": "ary_fill_exec",
            "file": "mrbgems/mruby-array-ext/src/array.c"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "162663467173257257899948362142358013753",
                "233587596947089813545051299879213914730",
                "134627835719946752048594409195631030489"
            ]
        },
        "id": "CVE-2025-12875-ac070710",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/makesoftwaresafe/mruby/commit/93619f06dd378db6766666b30c08978311c7ec94",
        "target": {
            "file": "mrbgems/mruby-array-ext/src/array.c"
        }
    }
]
vanir_signatures_modified 
"2026-04-12T14:04:26Z"