Опубликовано: 22 июн. 2018
Источник: ubuntu
Приоритет: negligible
EPSS Низкий
CVSS2: 6.8
CVSS3: 7.8
Описание
ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can be hijacked on Windows OS, when a Symbol is used as DLL name instead of a String This vulnerability appears to have been fixed in v1.9.24 and later.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | not-affected | debian: Windows-specific |
| cosmic | ignored | end of life |
| devel | not-affected | debian: Windows-specific |
| disco | not-affected | debian: Windows-specific |
| eoan | not-affected | debian: Windows-specific |
| esm-apps/bionic | not-affected | debian: Windows-specific |
| esm-apps/xenial | not-affected | debian: Windows-specific |
| esm-infra-legacy/trusty | not-affected | debian: Windows-specific |
| precise/esm | DNE |
Показывать по
10
EPSS
Процентиль: 47%
0.00237
Низкий
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
CVSS3: 7.8
nvd
больше 7 лет назад
ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can be hijacked on Windows OS, when a Symbol is used as DLL name instead of a String This vulnerability appears to have been fixed in v1.9.24 and later.
CVSS3: 7.8
debian
больше 7 лет назад
ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can ...
EPSS
Процентиль: 47%
0.00237
Низкий
6.8 Medium
CVSS2
7.8 High
CVSS3