Back to search
CVE-2018-1000201
Published: Jun 22, 2018
Modified: Aug 5, 2024
PUBLISHED
Description
ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can be hijacked on Windows OS, when a Symbol is used as DLL name instead of a String This vulnerability appears to have been fixed in v1.9.24 and later.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/ffi/ffi/commit/e0fe486df0e117ed67b0282b6ada04b7214ca05c
x_refsource_CONFIRM
https://github.com/ffi/ffi/commit/09e0c6076466b4383da7fa4e13f714311109945a
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now