VYPR

rpm package

suse/rubygem-activerecord-5_1&distro=SUSE Linux Enterprise High Availability Extension 15 SP1

pkg:rpm/suse/rubygem-activerecord-5_1&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP1

Vulnerabilities (2)

  • CVE-2022-44566Feb 9, 2023
    affected < 5.1.4-150000.5.6.1fixed 5.1.4-150000.5.6.1

    A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter <7.0.4.1 and <6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer val

  • CVE-2021-22880Feb 11, 2021
    affected < 5.1.4-5.3.3fixed 5.1.4-5.3.3

    The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability. Carefully crafted input can cause the input validation in the `money` type of the PostgreSQL adapter in Active Record to spend too m