MidnightBSD

Advisories for ruby-ffi_project

CVE-2018-1000201 MEDIUM

ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can be hijacked on Windows OS, when a Symbol is used as DLL name instead of a String This vulnerability appears to have been fixed in v1.9.24 and later.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-426,

Products Affected

Vendor Product Version
ruby-ffi_project ruby-ffi *