Lucene search
HackeroneCVELIST:CVE-2022-44566HistoryFeb 09, 2023 - 12:00 a.m.
CVE-2022-44566
2023-02-0900:00:00
CWE-400
hackerone
www.cve.org
A denial of service vulnerability present in ActiveRecord’s PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric values can result in a slow sequential scan resulting in potential Denial of Service.
CNA Affected
[
{
"vendor": "n/a",
"product": "https://github.com/rails/rails",
"versions": [
{
"version": "7.0.4.1, 6.1.7.1",
"status": "affected"
}
]
}
]Related
gitlab
gitlab
Denial of Service Vulnerability in ActiveRecord’s PostgreSQL adapter
2023-01-18 00:00:00
Uncontrolled Resource Consumption
2023-02-09 00:00:00
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : rubygem-activerecord-5_1 (SUSE-SU-2023:0492-1)
2023-02-24 00:00:00
Rocky Linux 8 : Satellite 6.14 (RLSA-2023:6818)
2023-11-11 00:00:00
osv
osv
CVE-2022-44566
2023-02-09 20:15:11
Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter
2023-01-18 18:21:12
nvd
nvd
CVE-2022-44566
2023-02-09 20:15:11
prion
prion
Design/Logic Flaw
2023-02-09 20:15:00
veracode
veracode
Denial Of Service (DoS)
2023-01-24 08:21:56
debiancve
debiancve
CVE-2022-44566
2023-02-09 20:15:11
ubuntucve
ubuntucve
CVE-2022-44566
2023-02-09 00:00:00
github
github
Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter
2023-01-18 18:21:12
redhatcve
redhatcve
CVE-2022-44566
2023-01-26 14:35:25
cve
cve
CVE-2022-44566
2023-02-09 20:15:11
rubygems
rubygems
Denial of Service Vulnerability in ActiveRecord’s PostgreSQL adapter
2023-01-17 21:00:00
rocky
rocky
Satellite 6.14 security and bug fix update
2023-11-11 22:58:57
redhat
redhat
(RHSA-2023:6818) Important: Satellite 6.14 security and bug fix update
2023-11-08 14:10:25