Описание
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging improper range quoting.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | contains no code |
| bionic | not-affected | contains no code |
| cosmic | not-affected | contains no code |
| devel | not-affected | contains no code |
| disco | not-affected | contains no code |
| esm-apps/bionic | not-affected | contains no code |
| esm-apps/xenial | not-affected | contains no code |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [contains no code]] |
| lucid | ignored | end of life |
| precise | not-affected | contains no code |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | |
| lucid | DNE | |
| precise | DNE | |
| precise/esm | DNE | |
| saucy | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| lucid | DNE | |
| precise | DNE | |
| precise/esm | DNE | |
| saucy | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | |
| lucid | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| saucy | ignored | end of life |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| lucid | DNE | |
| precise | DNE | |
| precise/esm | DNE | |
| saucy | ignored | end of life |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | |
| lucid | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| saucy | ignored | end of life |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| lucid | DNE | |
| precise | DNE | |
| precise/esm | DNE | |
| saucy | ignored | end of life |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging improper range quoting.
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging improper range quoting.
SQL injection vulnerability in activerecord/lib/active_record/connecti ...
Active Record contains SQL Injection via improper range quoting
EPSS
7.5 High
CVSS2