Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

rubygems activerecord Security Advisories

Loading...
High
GSA_kwCzR0hTQS01Nzl3LTIyajQtNDc0Oc4AAxDw
Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: about 1 year ago
High
GSA_kwCzR0hTQS1ocTdwLWozNzctNnY2M84AAxDu
SQL Injection Vulnerability via ActiveRecord comments
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: about 1 year ago
Critical
GSA_kwCzR0hTQS0zaGhjLXFwNXYtOXAyas4AAtT8
Active Record RCE bug with Serialized Columns
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 1 year ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThoYzQteHhtMy01cHBw
Active Record subject to Regular Expression Denial-of-Service (ReDoS)
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: almost 3 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdwaGotZ21neC0ycjY2
Moderate severity vulnerability that affects activerecord
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 5 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhtNDgtNzZ3aC1xODZ2
High severity vulnerability that affects activerecord
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW04aDYtbTlwNS1wMmY4
Moderate severity vulnerability that affects activerecord
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 5 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZoMzktdjczMy1teGZy
Active Record vulnerable to SQL Injection via nested query parameters
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdqeHctNXcycS03Z3Jm
Rails activerecord gem has Improper Input Validation vulnerability
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWptbTktMnAyOS12aDJ3
activerecord vulnerable to SQL Injection
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhmOTYtMzJxMi05cncy
Rails ActiveRecord gem vulnerable to SQL injection
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg2dzYteG1xdi03cTc4
activerecord vulnerable to SQL Injection
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2d3EteHc0aC1mOHdq
activerecord vulnerable to SQL Injection
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNjcnItOXZtZy04NjR2
Active Record Improper Input Validation
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdoMnctajdjeC0yNjY0
Active Record contains SQL Injection
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdwcHAtNXhjNS13ZnB4
Active Record allows bypassing of database-query restrictions
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 6 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZoajktY2pqaC0yN3Zt
Active Record contains deserialization of arbitrary YAML
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdyNDQtN2dyYy0zN3Zx
ActiveRecord vulnerable to modification of protected model attributes
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhxZjktcmM5ai01Zm1q
Array data injection vulnerability in activerecord
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlyZjUtam02Zi0yZm1t
Active Record subject to strong parameters protection bypass
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI4ZmgtaHEycC03cWhx
Active Record contains SQL Injection via improper range quoting
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1od3AtcWhwYy1oM2pt
SQL Injection in Active Record
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 6 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhycjYtM3BjNC1tNDQ3
Active Record Improper Access Control
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 6 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXByM3ItNHdycC1yMnB2
ActiveRecord in Ruby on Rails allows database-query bypass
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Published: over 6 years ago
Filter by Package
actionpack 63 nokogiri 41 rubygems-update 25 activerecord 24 puppet 23 rack 20 activesupport 15 actionview 14 publify_core 14 passenger 13 rails-html-sanitizer 12 puma 11 fat_free_crm 11 jquery-rails 11 jquery 10 org.webjars.npm:jquery 10 rails 10 jQuery 8 jQuery.UI.Combined 8 org.webjars.npm:jquery-ui 8 jquery-ui 8 jquery-ui-rails 8 org.jruby:jruby-stdlib 7 decidim 7 doorkeeper 7 loofah 6 commonmarker 6 ember-source 6 camaleon_cms 6 spree 5 spree_auth_devise 5 katello 5 bundler 5 fluentd 4 sidekiq 4 devise 4 safemode 4 grpcio 4 avo 4 sanitize 4 sinatra 4 rubyzip 4 grpc 4 mail 4 dragonfly 4 webrick 4 omniauth 3 devise-two-factor 3 decidim-core 3 chartkick 3 git 3 paperclip 3 rest-client 3 bootstrap 3 bootstrap 3 io.grpc:grpc-protobuf 3 private_address_check 3 ruby-saml 3 carrierwave 3 rails_admin 3 sprockets 3 cgi 3 httparty 3 resque 3 activeadmin 3 geminabox 3 gollum 3 openssl 3 activestorage 3 pdfkit 2 radiant 2 i18n 2 faye 2 user_agent_parser 2 metasploit-framework 2 bson 2 festivaltts4r 2 mapbox-rails 2 secure_headers 2 bootstrap-sass 2 mapbox.js 2 omniauth-facebook 2 VladTheEnterprising 2 spina 2 ruby-openid 2 json-jwt 2 ox 2 web-console 2 google-protobuf 2 colorscore 2 git-fastclone 2 com.google.protobuf:protobuf-java 2 com.google.protobuf:protobuf-kotlin 2 solidus_core 2 espeak-ruby 2 minitar 2 archive-tar-minitar 2 solidus_frontend 2 view_component 2 cocoapods-downloader 2 mechanize 2 twitter-bootstrap-rails 2 facter 2 field_test 2 pghero 2 rdoc 2 logstash-core 2 administrate 2 yard 2 pageflow 2 kramdown 2 qiita-markdown 2 net-ldap 2 sup 2 devise_invitable 2 uri 2 redcarpet 2 resque-scheduler 2 echor 2 activemodel 2 decidim-templates 2 jquery 2 govuk_tech_docs 2 json 2 pyarrow 2 red-arrow 2 rack-cors 2 yajl-ruby 2 encoded_id-rails 2 rack-mini-profiler 2 iodine 2 audited 2 mini_magick 2 smashing 1 solidus_auth_devise 1 solidus_api 1 omniauth-auth0 1 rails_multisite 1 gitaly 1 backup_checksum 1 md2pdf 1 backup-agoddard 1 lita-coin 1 better_errors 1 exiftool_vendored 1 trestle-auth 1 pgsync 1 thumbshooter 1 faye-websocket 1 goliath 1 agoo 1 dalli 1 em-imap 1 pdf_info 1 elastic-apm 1 fog-dragonfly 1 narou 1 rexml 1 netaddr 1 alchemy_cms 1 update_by_case 1 cap-strap 1 mongrel 1 brbackup 1 ruby-jss 1 addressable 1 matestack-ui-core 1 twitter-stream 1 unpoly-rails 1 kaminari 1 active_attr 1 decidim-system 1 decidim-admin 1 tmpdir 1 csv-safe 1 consul 1 mixlib-archive 1 smalruby-editor 1 smalruby 1 kafo 1 chartkick 1 xapian-core 1 omniauth-weibo-oauth2 1 thin 1 point-cli 1 hammer_cli_foreman 1 ftpd 1 gon 1 ccsv 1 ldap_fluff 1 authlogic 1 kajam 1 lean-ruport 1 tweetstream 1 flash_tool 1 awesome_spawn 1 sisimai 1 reel 1 jekyll 1 message_bus 1 image_processing 1 oauth 1 bindata 1 blazer 1 gibbon 1 foreman_fog_proxmox 1 random_password_generator 1 trilogy 1 papercrop 1 pysha3 1 jruby-openssl 1 sha3 1 pay 1 activejob 1 kitchen-terraform 1 sidekiq-unique-jobs 1 asciidoctor 1 oxidized-web 1 inline_svg 1 asciidoctor-include-ext 1 karteek-docsplit 1 jquery-ujs 1 ruby_parser-legacy 1 rack-cache 1 org.jruby:jruby-parent 1 simple_form 1 redis-store 1 easymon 1 cairo 1 simple_captcha2 1 smart_proxy_dynflow 1 rexical 1 crack 1 rbovirt 1 extlib 1 omniauth_amazon 1 coming-soon 1 bitcoin_vanity 1 capistrano-colors 1 doge-coin 1 awesome-bot 1 blockchain_wallet 1 coin_base 1 lawn-login 1 aescrypt 1 ffi 1 protocol-http1 1 samlr 1 em-http-request 1 cocaine 1 redcloth 1 strong_password 1 chloride 1 features 1 fileutils 1 ruby_parser 1 gtk2 1 arabic-prawn 1 ldoce 1 sprout 1 newrelic_rpm 1 clearance 1 bio-basespace-sdk 1 moped 1 nori 1 cron_parser 1 Bootstrap.Less 1 handlebars 1 bootstrap-wysihtml5-rails 1 omniauth-microsoft_graph 1 RedCloth 1 time 1 date 1 chef 1 uap-core 1 github.com/pubnub/swift 1 pubnub 1 pubnub 1 pubnub/pubnub 1 pubnub 1 pubnub 1 Pubnub 1 github.com/pubnub/go/v5 1 github.com/pubnub/go/v6 1 github.com/pubnub/go 1 github.com/pubnub/go/v7 1 com.pubnub:pubnub 1 com.pubnub:pubnub-kotlin 1 openshift-origin-controller 1 gemirro 1 omniauth-saml 1 paranoid2 1 recurly 1 slanger 1 rack-protection 1 rake 1 webbynode 1 omniauth-apple 1 dependabot-common 1 dependabot-omnibus 1