Описание
Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) :limit and (2) :offset parameters, related to ActiveRecord, ActiveSupport, ActiveResource, ActionPack, and ActionMailer.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 2.1.0-6 |
| feisty | ignored | end of life, was needs-triage |
| gutsy | ignored | end of life, was needs-triage |
| hardy | ignored | end of life |
| intrepid | ignored | end of life, was needs-triage |
| jaunty | not-affected | 2.1.0-6 |
| karmic | not-affected | 2.1.0-6 |
| lucid | not-affected | 2.1.0-6 |
| maverick | not-affected | 2.1.0-6 |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 87%
0.03119
Низкий
7.5 High
CVSS2
Связанные уязвимости
nvd
больше 17 лет назад
Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) :limit and (2) :offset parameters, related to ActiveRecord, ActiveSupport, ActiveResource, ActionPack, and ActionMailer.
debian
больше 17 лет назад
Multiple SQL injection vulnerabilities in Ruby on Rails before 2.1.1 a ...
EPSS
Процентиль: 87%
0.03119
Низкий
7.5 High
CVSS2