VDB
DEBIAN-CVE-2014-3483
DEBIAN-CVE-2014-3483
PUBLISHED
CVSS 9.300000190734863 CRITICAL
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging improper range quoting.
Risk Scores
CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | rails | 0, 0, 0 |
| Debian:11 | rails | 0, 0, 0 |
| Debian:14 | rails | 0, 0, 0 |
| Debian:13 | rails | 0, 0, 0 |
Timeline
- Jul 7, 2014 CVE Published
- Apr 28, 2026 CVE Updated