CVE-2018-1000201
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-1000201
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000201.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-1000201
- Aliases
- Published
- 2018-06-22T18:29:00Z
- Modified
- 2024-05-23T01:14:47.171186Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can be hijacked on Windows OS, when a Symbol is used as DLL name instead of a String This vulnerability appears to have been fixed in v1.9.24 and later.
- References
Affected packages
Git / github.com/ffi/ffi
Affected ranges
- Type
- GIT
- Repo
- https://github.com/ffi/ffi
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixed
Affected versions
0.*
0.1.0
0.2.0
0.3.0
0.3.1
0.3.2
0.4.0
0.5.0
0.6.0
0.6.1
0.6.2
0.6.3
1.*
1.0.0
1.0.1
1.0.10
1.0.12.pre
1.0.12rc3
1.0.2
1.0.3
1.0.4
1.0.5
1.0.6
1.0.7
1.0.8
1.0.9
1.1.0
1.1.0rc1
1.1.0rc2
1.1.0rc3
1.1.1
1.1.1.rc1
1.1.1.rc2
1.2.0
1.2.0.dev3
1.2.0.dev4
1.2.0.pre2
1.2.0.pre4
1.2.0.pre6
1.3.0
1.3.1
1.4.0
1.5.0
1.6.0
1.7.0
1.8.0
1.8.1
1.9.0
1.9.1
1.9.10
1.9.11
1.9.12
1.9.13
1.9.14
1.9.15
1.9.16
1.9.17
1.9.18
1.9.19
1.9.2
1.9.20
1.9.21
1.9.22
1.9.23
1.9.23.pre1
1.9.3
1.9.4
1.9.5
1.9.7
1.9.8
1.9.9
v1.*
v1.9.6