Risk Scores
CVSS v2.0
7.5
EPSS Score
1.25%
79.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| rubyonrails | rails | 4.0.0, 4.0.0, 4.0.0 |
| RubyGems | activerecord | 4.0.0, 4.1.0 |
Timeline
- Jul 7, 2014 CVE Published
- Aug 8, 2019 CVE Updated
- Feb 4, 2022 EPSS Score
- May 19, 2022 EPSS Score
- Sep 1, 2022 EPSS Score
- Oct 23, 2022 EPSS Score
- Feb 4, 2023 EPSS Score
- Mar 28, 2023 EPSS Score
- Jul 10, 2023 EPSS Score
- Oct 22, 2023 EPSS Score
- Feb 3, 2024 EPSS Score
- Mar 26, 2024 EPSS Score
References
- RHSA-2014:0877 vendor-advisory
- 59971 third-party-advisory
- [oss-security] 20140702 [CVE-2014-3482] [CVE-2014-3483] Ruby on Rails: Two Active Record SQL Injection Vulnerabilities Affecting PostgreSQL mailing-list
- [rubyonrails-security] 20140702 [CVE-2014-3482] [CVE-2014-3483] Two Active Record SQL Injection Vulnerabilities Affecting PostgreSQL mailing-list
- 60214 third-party-advisory
- DSA-2982 vendor-advisory
- 68341 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2014-3483 advisory
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activerecord/CVE-2014-3483.yml url
- https://web.archive.org/web/20200228150648/http://www.securityfocus.com/bid/68341 url