VYPR
Low severityOSV Advisory· Published Aug 13, 2025· Updated Apr 15, 2026

CVE-2025-55193

CVE-2025-55193

Description

Active Record connects classes to relational database tables. Prior to versions 7.1.5.2, 7.2.2.2, and 8.0.2.1, the ID passed to find or similar methods may be logged without escaping. If this is directly to the terminal it may include unescaped ANSI sequences. This issue has been patched in versions 7.1.5.2, 7.2.2.2, and 8.0.2.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
activerecordRubyGems
>= 8.0, < 8.0.2.18.0.2.1
activerecordRubyGems
>= 7.2, < 7.2.2.27.2.2.2
activerecordRubyGems
< 7.1.5.27.1.5.2

Affected products

12

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.