CVE-2023-22794 — SQL Injection in Project Activerecord

CWE-89 — SQL Injection7 documents6 sources

Severity

8.8HIGHNVD

EPSS

6.7%

top 8.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Rubyonrails Rails Activerecord Project Activerecord Https Github.com Rails Rails

Timeline

PublishedFeb 9

Description

A vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to either the `annotate` query method, the `optimizer_hints` query method, or through the QueryLogs interface which automatically adds annotations, it may be sent to the database withinsufficient sanitization and be able to inject SQL outside of the comment.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages4 packages

▶NVDactiverecord_project/activerecord6.0.0 — 6.0.6.1+2

▶RubyGemsactiverecord_project/activerecord6.0.0 — 6.0.6.1+2

▶Debianrubyonrails/rails< 2:6.0.3.7+dfsg-2+deb11u1+3

▶CVEListV5https/github.com_rails_rails6.0.6.1, 6.1.7.1, 7.0.4.1

Patches

Patch: discuss.rubyonrails.org ↗Patch: discuss.rubyonrails.org ↗

🔴Vulnerability Details

CVEList

CVE-2023-22794: A vulnerability in ActiveRecord <6↗2023-02-09

▶

OSV

CVE-2023-22794: A vulnerability in ActiveRecord <6↗2023-02-09

▶

OSV

SQL Injection Vulnerability via ActiveRecord comments↗2023-01-18

▶

GHSA

SQL Injection Vulnerability via ActiveRecord comments↗2023-01-18

▶

📋Vendor Advisories

Red Hat

rubygem-activerecord: SQL Injection↗2023-01-20

▶

Debian

CVE-2023-22794: rails - A vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the s...↗2023

▶