logo
DATABASE RESOURCES PRICING ABOUT US

Unsafe Query Generation Risk

Description

There is a vulnerability when Active Record is used in conjunction with JSON parameter parsing. This vulnerability is similar to CVE-2012-2660, CVE-2012-2694 and CVE-2013-0155.


Affected Software


CPE Name Name Version
gem/activerecord 4.0.0.alpha
gem/activerecord 4.2.7.1

Related