VDB
CVE-2018-1000201
CVE-2018-1000201
PUBLISHED
CVSS 7.800000190734863 HIGH
Ruby-ffi has a DLL loading issue
EPSS 0.24% · 47.0th percentile
Risk Scores
CVSS 3.0
7.800000190734863
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
0.24%
47.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| ruby-ffi_project | ruby-ffi | 0 |
| RubyGems | ffi | 0 |
Exploit Intelligence
- https://github.com/ffi/ffi/commit/e0fe486df0e117ed67b0282b6ada04b7214ca05c (circl)
- https://github.com/ffi/ffi/commit/09e0c6076466b4383da7fa4e13f714311109945a (circl)
- Container scanning and Dependency scanning report leaked to unauthorized users (hackerone)
- Container scanning and Dependency scanning report leaked to unauthorized users (hackerone)
- Container scanning and Dependency scanning report leaked to unauthorized users (hackerone)
Timeline
- CVE Published
- Dec 13, 2019 PoC Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- https://github.com/ffi/ffi/commit/e0fe486df0e117ed67b0282b6ada04b7214ca05c url
- https://github.com/ffi/ffi/commit/09e0c6076466b4383da7fa4e13f714311109945a url
- https://nvd.nist.gov/vuln/detail/CVE-2018-1000201 advisory
- https://github.com/ffi/ffi package
- https://github.com/ffi/ffi/releases/tag/1.9.24 url
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ffi/CVE-2018-1000201.yml url