CVE-2011-0448 — SQL Injection in Rails

CWE-89 — SQL Injection6 documents6 sources

Severity

7.5HIGHNVD

EPSS

0.7%

top 28.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Activerecord Project Activerecord Rubyonrails Rails

Timeline

PublishedFeb 21

Latest updateOct 24

Description

Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit function specify integer values, which makes it easier for remote attackers to conduct SQL injection attacks via a non-numeric argument.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDrubyonrails/rails5 versions+4

▶RubyGemsactiverecord_project/activerecord3.0.0 — 3.0.4

Patches

Patch: groups.google.com ↗Patch: weblog.rubyonrails.org ↗Patch: groups.google.com ↗

🔴Vulnerability Details

GHSA

activerecord vulnerable to SQL Injection↗2017-10-24

▶

OSV

activerecord vulnerable to SQL Injection↗2017-10-24

▶

CVEList

CVE-2011-0448: Ruby on Rails 3↗2011-02-21

▶

📋Vendor Advisories

Debian

CVE-2011-0448: rails - Ruby on Rails 3.0.x before 3.0.4 does not ensure that arguments to the limit fun...↗2011

▶

💬Community

Bugzilla

CVE-2011-0448 rubygem-activerecord: SQL injection attacks via a non-numeric arguments↗2011-02-22

▶