Lucene search

Moderate severity vulnerability that affects activerecord

🗓️ 13 Aug 2018 20:01:49Reported by GitHub Advisory DatabaseType

Active Record vulnerability in Ruby on Rails 4.2.

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 198
Debian CVE	CVE-2013-0155	13 Jan 201322:55	–	debiancve
Debian CVE	CVE-2016-6317	7 Sep 201619:28	–	debiancve
Debian CVE	CVE-2013-6417	7 Dec 201300:55	–	debiancve
OSV	Active Record allows bypassing of database-query restrictions	24 Oct 201718:33	–	osv
OSV	ActiveRecord in Ruby on Rails allows database-query bypass	24 Oct 201718:33	–	osv
OSV	Action Pack contains database-query restrictions bypass	24 Oct 201718:33	–	osv
OSV	actionpack allows remote attackers to bypass database-query restrictions, perform NULL checks via crafted request	24 Oct 201718:33	–	osv
OSV	actionpack allows bypass of database-query restrictions	24 Oct 201718:33	–	osv
OSV	RHSA-2013:0582 Red Hat Security Advisory: Red Hat OpenShift Enterprise 1.1.1 update	15 Sep 202420:36	–	osv
NVD	CVE-2013-0155	13 Jan 201322:55	–	nvd

Vulners

Node

activerecord_project activerecordRange4.2.0–4.2.7.0

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2016-6317
github	www.github.com/advisories/GHSA-m8h6-m9p5-p2f8

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Aug 2018 20:49Current

2.1Low risk

Vulners AI Score2.1

CVSS26.4

EPSS0.13405