VYPR

rpm package

suse/rubygem-activerecord-4_2&distro=SUSE OpenStack Cloud Crowbar 9

pkg:rpm/suse/rubygem-activerecord-4_2&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209

Vulnerabilities (2)

  • CVE-2022-44566Feb 9, 2023
    affected < 4.2.9-6.9.1fixed 4.2.9-6.9.1

    A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer val

  • CVE-2021-22880Feb 11, 2021
    affected < 4.2.9-6.6.1fixed 4.2.9-6.6.1

    The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability. Carefully crafted input can cause the input validation in the `money` type of the PostgreSQL adapter in Active Record to spend too m