Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

rubygems activerecord Security Advisories

Browse all Security Advisories for rubygems activerecord

Loading...
High
GSA_kwCzR0hTQS01Nzl3LTIyajQtNDc0Oc4AAxDw
Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: almost 2 years ago
High
GSA_kwCzR0hTQS1ocTdwLWozNzctNnY2M84AAxDu
SQL Injection Vulnerability via ActiveRecord comments
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 52.4
Published: almost 2 years ago
Critical
GSA_kwCzR0hTQS0zaGhjLXFwNXYtOXAyas4AAtT8
Active Record RCE bug with Serialized Columns
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 58.4
Published: over 2 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThoYzQteHhtMy01cHBw
Active Record subject to Regular Expression Denial-of-Service (ReDoS)
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: over 3 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWptbTktMnAyOS12aDJ3
activerecord vulnerable to SQL Injection
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc2d3EteHc0aC1mOHdq
activerecord vulnerable to SQL Injection
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhmOTYtMzJxMi05cncy
Rails ActiveRecord gem vulnerable to SQL injection
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdqeHctNXcycS03Z3Jm
Rails activerecord gem has Improper Input Validation vulnerability
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZoMzktdjczMy1teGZy
Active Record vulnerable to SQL Injection via nested query parameters
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg2dzYteG1xdi03cTc4
activerecord vulnerable to SQL Injection
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdwcHAtNXhjNS13ZnB4
Active Record allows bypassing of database-query restrictions
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdyNDQtN2dyYy0zN3Zx
ActiveRecord vulnerable to modification of protected model attributes
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
Critical
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZoajktY2pqaC0yN3Zt
Active Record contains deserialization of arbitrary YAML
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdoMnctajdjeC0yNjY0
Active Record contains SQL Injection
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNjcnItOXZtZy04NjR2
Active Record Improper Input Validation
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlyZjUtam02Zi0yZm1t
Active Record subject to strong parameters protection bypass
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI4ZmgtaHEycC03cWhx
Active Record contains SQL Injection via improper range quoting
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1od3AtcWhwYy1oM2pt
SQL Injection in Active Record
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhxZjktcmM5ai01Zm1q
Array data injection vulnerability in activerecord
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 7 years ago
Moderate
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhycjYtM3BjNC1tNDQ3
Active Record Improper Access Control
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 31.6
Published: about 7 years ago
High
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXByM3ItNHdycC1yMnB2
ActiveRecord in Ruby on Rails allows database-query bypass
Ecosystems: rubygems
Packages: activerecord
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: about 7 years ago
Statistics
Advisories: 20,668
Packages: 9,040
Repositories: 2
Ecosystems: 12
Filter by Package
actionpack 60 nokogiri 43 rubygems-update 25 rack 23 puppet 23 activerecord 21 publify_core 14 camaleon_cms 14 activesupport 14 passenger 13 actionview 12 puma 12 decidim 11 rails 11 fat_free_crm 10 rails-html-sanitizer 9 bootstrap 9 bootstrap 9 org.webjars:bootstrap 9 bootstrap 9 twbs/bootstrap 9 jquery-rails 9 bootstrap-sass 8 org.webjars.npm:jquery 8 jquery 8 jQuery 7 org.jruby:jruby-stdlib 7 rexml 7 bootstrap.sass 7 jQuery.UI.Combined 7 org.webjars.npm:jquery-ui 7 jquery-ui-rails 7 jquery-ui 7 katello 6 doorkeeper 6 loofah 6 ember-source 6 sinatra 5 commonmarker 5 bootstrap-sass 5 spree_auth_devise 5 sidekiq 5 webrick 5 grpcio 5 grpc 5 spree 5 bundler 5 activestorage 4 mail 4 fluentd 4 devise 4 ruby-saml 4 dragonfly 4 rails_admin 4 sanitize 4 carrierwave 4 avo 4 com.google.protobuf:protobuf-java 3 com.google.protobuf:protobuf-kotlin 3 google-protobuf 3 cgi 3 gollum 3 omniauth 3 actiontext 3 resque 3 json-jwt 3 geminabox 3 rubyzip 3 chartkick 3 phlex 3 decidim-admin 3 yard 3 devise-two-factor 3 io.grpc:grpc-protobuf 3 git 3 openssl 3 spina 3 rack-cors 3 activeadmin 3 private_address_check 3 rest-client 3 decidim-core 3 rdoc 3 openc3 3 openc3 3 pghero 2 ruby-openid 2 yajl-ruby 2 administrate 2 omniauth-saml 2 omniauth-facebook 2 net-ldap 2 mapbox.js 2 paperclip 2 decidim-templates 2 cocoapods-downloader 2 mapbox-rails 2 pageflow 2 qiita-markdown 2 decidim-meetings 2 solidus_frontend 2 mini_magick 2 solidus_core 2 git-fastclone 2 i18n 2 maximebf/debugbar 2 radiant 2 kramdown 2 pdfkit 2 facter 2 ox 2 twitter-bootstrap-rails 2 bson 2 json 2 faye 2 sup 2 uri 2 actionmailer 2 redcarpet 2 field_test 2 mechanize 2 kaminari 2 org.webjars.npm:bootstrap 2 sprockets 2 user_agent_parser 2 echor 2 safemode 2 @openc3/tool-common 2 secure_headers 2 httparty 2 com.google.protobuf:protobuf-javalite 2 com.google.protobuf:protobuf-kotlin-lite 2 VladTheEnterprising 2 red-arrow 2 pyarrow 2 view_component 2 sidekiq-unique-jobs 2 logstash-core 2 thin 1 matestack-ui-core 1 restforce 1 activerecord-session_store 1 solidus_auth_devise 1 blazer 1 typo3/cms 1 typo3/cms-core 1 resque-scheduler 1 dependabot-common 1 rswag 1 pdf_info 1 inline_svg 1 multi_xml 1 Autolab 1 geokit-rails 1 gitlab-grit 1 foreman_ansible 1 railties 1 fugit 1 websocket-extensions 1 open-uri-cached 1 kredis 1 hub 1 github.com/github/hub 1 RedCloth 1 kitchen-terraform 1 apollo_upload_server 1 sisimai 1 solidus_backend 1 exiftool_vendored 1 sqlite3-ruby 1 narou 1 kelredd-pruview 1 wicked 1 mcollective-client 1 hiera 1 rack-mini-profiler 1 ruby-jss 1 ciborg 1 cap-strap 1 sha3 1 pysha3 1 twitter-stream 1 sequenceserver 1 lawn-login 1 chartkick 1 keynote 1 rails_multisite 1 rmagick 1 mongrel 1 unpoly-rails 1 bindata 1 decidim-decidim_awesome 1 jquery 1 net.sf.mpxj:mpxj 1 mpxj 1 mpxj 1 oxidized-web 1 net.sf.mpxj 1 smalruby 1 smalruby-editor 1