ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can be hijacked on Windows OS, when a Symbol is used as DLL name instead of a String This vulnerability appears to have been fixed in v1.9.24 and later.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-426,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ruby-ffi_project | ruby-ffi | * |