Critical severity9.8NVD Advisory· Published Oct 24, 2018· Updated Jun 17, 2026
CVE-2018-18476
CVE-2018-18476
Description
mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
mysql-binuuid-railsRubyGems | < 1.1.1 | 1.1.1 |
Affected products
1Patches
Vulnerability mechanics
References
6- github.com/nedap/mysql-binuuid-rails/pull/18nvdPatchThird Party AdvisoryWEB
- gist.github.com/viraptor/881276ea61e8d56bac6e28454c79f1e6nvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-6j63-35hj-vmcgghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-18476ghsaADVISORY
- github.com/nedap/mysql-binuuid-rails/commit/9ae920951b46ff0163b16c55d744e89acb1036d4ghsaWEB
- github.com/rubysec/ruby-advisory-db/blob/master/gems/mysql-binuuid-rails/CVE-2018-18476.ymlghsaWEB
News mentions
0No linked articles in our index yet.