Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
Activerecord ProjectActiverecord

3 matches found

CVE
CVEadded 2023/02/09 12:0 a.m.288 views

CVE-2022-44566

CVE-2022-44566 affects Rails’ ActiveRecord PostgreSQL adapter when a value outside the 64-bit signed integer range is provided, causing PostgreSQL to treat the column as numeric and potentially trigger a slow sequential scan leading to DoS. Public details confirm the vulnerability and its impact;...

7.5CVSS7.2AI score0.01543EPSS
CVE
CVEadded 2022/12/05 12:0 a.m.277 views

CVE-2022-32224

CVE-2022-32224 : Rails/ActiveRecord YAML deserialization issue. YAML-serialized columns can be deserialized with YAML.unsafe_load, enabling an attacker who can manipulate data in the database (e.g., via SQL injection) to escalate to remote code execution (RCE). Affected Rails/ActiveRecord version...

9.8CVSS9.5AI score0.01944EPSS
CVE
CVEadded 2023/02/09 12:0 a.m.271 views

CVE-2023-22794

CVE-2023-22794 affects ActiveRecord versions

8.8CVSS8.6AI score0.05757EPSS