CRITICAL9.8CVE-2022-32224Active Record RCE bug with Serialized Columns >= 7.0.0, < 7.0.3.1
HIGH8.8CVE-2023-22794SQL Injection Vulnerability via ActiveRecord comments >= 6.0.0, < 6.0.6.1
from 0, < 6.1.7.1
HIGH7.5rails - security update
>= 5.0.0, < 5.2.4.5
HIGH7.5ActiveRecord in Ruby on Rails allows database-query bypass
>= 4.2.0, < 4.2.7.1
MEDIUM5.3ruby-activerecord-3.2 - security update
>= 3.1.0, < 3.2.22.1
—Active Record logging vulnerable to ANSI escape injection
>= 8.0, < 8.0.2.1
—Active Record component in Ruby on Rails has a data-type injection vulnerability
from 0, < 4.2.0
—Rails activerecord gem has Improper Input Validation vulnerability
>= 2.3.9, < 2.3.10
—activerecord vulnerable to SQL Injection
>= 3.0.0.beta, < 3.0.14
—Active Record vulnerable to SQL Injection via nested query parameters
>= 3.0.0, < 3.0.13
—activerecord vulnerable to SQL Injection
>= 2.0.0, < 2.3.13
—activerecord vulnerable to SQL Injection
>= 3.0.0, < 3.0.4
—Rails ActiveRecord gem vulnerable to SQL injection
from 0, < 2.1.1
—Active Record Improper Input Validation
>= 2.3.0, < 2.3.18
—rails - input validation error
>= 3.0.0.beta, < 3.0.18
—Active Record contains deserialization of arbitrary YAML
from 0, < 2.3.17
—rails - SQL query manipulation
>= 3.0.0, < 3.0.19
—rails - several
from 0, < 2.3.17
—ruby-activerecord-3.2 - security update
>= 2.0.0, < 3.2.19
—Active Record contains SQL Injection via improper range quoting
>= 4.0.0, < 4.0.7
—Active Record subject to strong parameters protection bypass
>= 4.0.0, < 4.0.9
—Array data injection vulnerability in activerecord
>= 4.0.0, < 4.0.3