Home Topic Applications Critical Vulnerability Derails Ruby on Rails

Critical Vulnerability Derails Ruby on Rails

June 1, 2012

The H reports on a newly-discovered SQL injection vulnerability in Ruby on Rails, affecting the 3.0.x, 3.1.x, and 3.2.x versions. “The vulnerability exists in versions 3.0 and later of Active Record, Rail’s database layer, and is exposed when using nested query parameters. Code that directly passes parameters to a where method, is affected. For example…

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Linux 6.8 Brings More Sound Hardware Support For Intel & AMD, Including The Steam Deck

RELATED ARTICLES MORE FROM AUTHOR