pkg:RubyGems/activerecord

共 23 筆 CVECRITICAL1HIGH4MEDIUM1

✅ 檢查你的版本

所有已知漏洞

CRITICAL9.8CVE-2022-32224Active Record RCE bug with Serialized Columns
>= 7.0.0, < 7.0.3.1
HIGH8.8CVE-2023-22794SQL Injection Vulnerability via ActiveRecord comments
>= 6.0.0, < 6.0.6.1
HIGH7.5CVE-2022-44566Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter
from 0, < 6.1.7.1
HIGH7.5CVE-2021-22880rails - security update
>= 5.0.0, < 5.2.4.5
HIGH7.5CVE-2016-6317ActiveRecord in Ruby on Rails allows database-query bypass
>= 4.2.0, < 4.2.7.1
MEDIUM5.3CVE-2015-7577ruby-activerecord-3.2 - security update
>= 3.1.0, < 3.2.22.1
—CVE-2025-55193Active Record logging vulnerable to ANSI escape injection
>= 8.0, < 8.0.2.1
—CVE-2013-3221Active Record component in Ruby on Rails has a data-type injection vulnerability
from 0, < 4.2.0
—CVE-2010-3933Rails activerecord gem has Improper Input Validation vulnerability
>= 2.3.9, < 2.3.10
—CVE-2012-2695activerecord vulnerable to SQL Injection
>= 3.0.0.beta, < 3.0.14
—CVE-2012-2661Active Record vulnerable to SQL Injection via nested query parameters
>= 3.0.0, < 3.0.13
—CVE-2011-2930activerecord vulnerable to SQL Injection
>= 2.0.0, < 2.3.13
—CVE-2011-0448activerecord vulnerable to SQL Injection
>= 3.0.0, < 3.0.4
—CVE-2008-4094Rails ActiveRecord gem vulnerable to SQL injection
from 0, < 2.1.1
—CVE-2013-1854Active Record Improper Input Validation
>= 2.3.0, < 2.3.18
—CVE-2012-6496rails - input validation error
>= 3.0.0.beta, < 3.0.18
—CVE-2013-0277Active Record contains deserialization of arbitrary YAML
from 0, < 2.3.17
—CVE-2013-0155rails - SQL query manipulation
>= 3.0.0, < 3.0.19
—CVE-2013-0276rails - several
from 0, < 2.3.17
—CVE-2014-3482ruby-activerecord-3.2 - security update
>= 2.0.0, < 3.2.19
—CVE-2014-3483Active Record contains SQL Injection via improper range quoting
>= 4.0.0, < 4.0.7
—CVE-2014-3514Active Record subject to strong parameters protection bypass
>= 4.0.0, < 4.0.9
—CVE-2014-0080Array data injection vulnerability in activerecord
>= 4.0.0, < 4.0.3