Bug 2164785 (CVE-2023-22794) - CVE-2023-22794 rubygem-activerecord: SQL Injection
Summary: CVE-2023-22794 rubygem-activerecord: SQL Injection
Keywords:
Status: NEW
Alias: CVE-2023-22794
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2164787 2164786
Blocks: 2162605
 
Reported: 2023-01-26 13:57 UTC by ybuenos
Modified: 2023-05-15 20:19 UTC
CC List: 10 users

Fixed In Version: rubygem-activerecord 6.0.6.1, rubygem-activerecord 6.1.7.1, rubygem-activerecord 7.0.4.1
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in the RubyGem activerecord gem, which is vulnerable to SQL injection. Input passed to the annotate or optimizer_hints query methods, or added to a query as an annotation through the QueryLogs interface, is placed inside an SQL comment without sufficient sanitization. A remote attacker who controls that input can close the comment early and inject SQL outside of it, allowing them to view, add, modify, or delete information in the back-end database.
Clone Of:
Environment:
Last Closed:



Description ybuenos 2023-01-26 13:57:56 UTC
If malicious user input is passed to the annotate query method, the optimizer_hints query method, or the QueryLogs interface (which automatically adds annotations), it may be sent to the database with insufficient sanitization and be able to inject SQL outside of the comment.
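The break-out the description refers to, as an added example that is not code from Rails or from this bug report. It models the string assembly behind annotate ("/* ... */") and optimizer_hints ("/*+ ... */") in plain Ruby so the injection and one way of containing it can be run without a database. The function names, the sanitiser and the sample statement are assumptions of this example, not the gem's API or the upstream fix; compare them against the sanitization shipped in the versions listed under Fixed In Version.

```ruby
# Added example, not ActiveRecord's code. Models how a caller-supplied string
# ends up inside a SQL comment and how an attacker closes that comment early.

# Constructed sample statement standing in for what the relation would generate.
BASE_SQL = "SELECT users.* FROM users WHERE users.id = 1".freeze

# Pre-fix shape: the caller's text is interpolated into the comment verbatim.
def annotate_unsafe(sql, comment)
  "#{sql} /* #{comment} */"
end

# Neutralise the two sequences that change where a C-style comment ends:
# "*/" closes it, "/*" opens a nested one (PostgreSQL nests comments, MySQL
# does not, so both are treated as hostile). Handle "*/" first, then "/*":
# after the first pass no "*" is directly followed by "/", so the second
# pass cannot recreate a closing delimiter (e.g. "/*/" becomes "/ * /").
def sanitize_sql_comment(comment)
  comment.to_s.gsub("*/", "* /").gsub("/*", "/ *")
end

def annotate_safe(sql, comment)
  "#{sql} /* #{sanitize_sql_comment(comment)} */"
end

# optimizer_hints places its comment right after SELECT; same sanitiser.
def optimizer_hints_safe(sql, hint)
  sql.sub(/\ASELECT\b/i) { |kw| "#{kw} /*+ #{sanitize_sql_comment(hint)} */" }
end

# Strip the first /* ... */ block. If the caller's text was fully contained,
# what remains is exactly the original statement; anything else leaked out.
def without_comment(sql)
  sql.sub(%r{\s*/\*.*?\*/\s*}m, " ").squeeze(" ").strip
end

def comment_contained?(sql, base)
  without_comment(sql) == base.squeeze(" ").strip
end

if __FILE__ == $0
  # Constructed attacker input: closes the comment, appends a tautology, and
  # uses "--" to swallow the genuine closing "*/" that follows it.
  payload = "trace */ OR 1=1 --"
  puts "unsafe: #{annotate_unsafe(BASE_SQL, payload)}"
  puts "safe:   #{annotate_safe(BASE_SQL, payload)}"
  puts "hint:   #{optimizer_hints_safe(BASE_SQL, 'x */ ; DROP TABLE users; /*')}"
end
```

The same containment check applies to the QueryLogs path, since it reaches the database through the same comment wrapping; the defence is to make sure nothing the caller controls can terminate the comment, not to try to parse the injected SQL.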

Comment 1 ybuenos 2023-01-26 14:00:15 UTC
Created rubygem-activerecord tracking bugs for this issue:

Affects: fedora-all [bug 2164786]

