SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 4.x before 4.0.7 and 4.1.x before 4.1.3 allows remote attackers to execute arbitrary SQL commands by leveraging improper range quoting.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2014-07-07T10:00:00

Updated: 2024-08-06T10:43:06.187Z

Reserved: 2014-05-14T00:00:00

Link: CVE-2014-3483

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-07-07T11:01:30.573

Modified: 2024-11-21T02:08:12.387

Link: CVE-2014-3483

cve-icon Redhat

Severity : Moderate

Publid Date: 2014-07-02T00:00:00Z

Links: CVE-2014-3483 - Bugzilla