Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-3483HistoryJul 07, 2014 - 11:01 a.m.
CVE-2014-3483
2014-07-0711:01:30
Debian Security Bug Tracker
security-tracker.debian.org
17
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.009
Percentile
82.6%
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging improper range quoting.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | rails | < 2:4.1.4-1 | rails_2:4.1.4-1_all.deb |
| Debian | 11 | all | rails | < 2:4.1.4-1 | rails_2:4.1.4-1_all.deb |
| Debian | 999 | all | rails | < 2:4.1.4-1 | rails_2:4.1.4-1_all.deb |
| Debian | 13 | all | rails | < 2:4.1.4-1 | rails_2:4.1.4-1_all.deb |
Related
veracode
veracode
SQL Command Injection By Leveraging Improper Range Quoting
2019-01-15 08:56:06
cve
cve
CVE-2014-3483
2014-07-07 11:01:30
nvd
nvd
CVE-2014-3483
2014-07-07 11:01:30
redhat
redhat
(RHSA-2014:0877) Moderate: ror40-rubygem-activerecord security update
2014-07-14 00:00:00
prion
prion
Sql injection
2014-07-07 11:01:00
osv
osv
Active Record contains SQL Injection via improper range quoting
2017-10-24 18:33:36
rubygems
rubygems
nessus
nessus
RHEL 6 / 7 : ror40-rubygem-activerecord (RHSA-2014:0877)
2024-04-27 00:00:00
Fedora 20 : rubygem-activerecord-4.0.0-4.fc20 (2014-8065)
2014-08-23 00:00:00
Debian DSA-2982-1 : ruby-activerecord-3.2 - security update
2014-07-21 00:00:00
github
github
Active Record contains SQL Injection via improper range quoting
2017-10-24 18:33:36
ubuntucve
ubuntucve
CVE-2014-3483
2014-07-07 00:00:00
gitlab
gitlab
SQL Injection Vulnerabilities Affecting PostgreSQL
2014-07-07 00:00:00
hackerone
hackerone
cvelist
cvelist
CVE-2014-3483
2014-07-07 10:00:00
mageia
mageia
Updated ruby-actionpack packages fix security issues
2014-07-26 17:09:43
securityvulns
securityvulns
[SECURITY] [DSA 2982-1] ruby-activerecord-3.2 security update
2014-10-16 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0303)
2022-01-28 00:00:00
Fedora Update for rubygem-activerecord FEDORA-2014-8065
2014-08-23 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: rubygem-activerecord-4.0.0-4.fc20
2014-08-23 02:01:38
[SECURITY] Fedora 20 Update: rubygem-activerecord-4.0.0-5.fc20
2014-09-26 09:01:18
debian
debian
[SECURITY] [DSA 2982-1] ruby-activerecord-3.2 security update
2014-07-19 10:09:34
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.009
Percentile
82.6%
Related for DEBIANCVE:CVE-2014-3483