Creolabs · Gravity · CVE-2026-40504
**Name of the Vulnerable Software and Affected Versions**
Creolabs Gravity versions prior to 0.9.6
**Description**
A heap buffer overflow exists in the `gravity_vm_exec()` function. This issue allows attackers to write to memory out of bounds by crafting scripts containing numerous string literals at the global scope. Furthermore, insufficient bounds checking in the `gravity_fiber_reassign()` function can be exploited to corrupt heap metadata, potentially leading to arbitrary code execution in applications that evaluate untrusted scripts.
**Recommendations**
Update to version 0.9.6 or later.