Skip to content

Ruby-ffi has a DLL loading issue  #8

New issue
New issue
Open
Open
Ruby-ffi has a DLL loading issue #8
Assignees
ls-barnaby-claydon
Labels
dependabothighsecurity
@sniffler-app

Description

@sniffler-app
sniffler-app
bot
opened on Apr 14, 2023

Description

ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can be hijacked on Windows OS, when a Symbol is used as DLL name instead of a String This vulnerability appears to have been fixed in v1.9.24 and later.

Informations

Manifest Path: Gemfile.lock

Please look at dependabot report :https://github.com/swipely/json_controller_generator/security/dependabot/59

Metadata

Metadata

Assignees

Labels

dependabothighsecurity

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions