CVE-2023-22794
CVSS V2 None
CVSS V3 None
Description
A vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to either the `annotate` query method, the `optimizer_hints` query method, or through the QueryLogs interface which automatically adds annotations, it may be sent to the database withinsufficient sanitization and be able to inject SQL outside of the comment.
Overview
- CVE ID
- CVE-2023-22794
- Assigner
- support@hackerone.com
- Vulnerability Status
- Modified
- Published Version
- 2023-02-09T20:15:11
- Last Modified Date
- 2023-03-14T08:15:13
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:a:activerecord_project:activerecord:*:*:*:*:*:ruby:*:* | 1 | OR | 6.0.0 | 6.0.6.1 |
| cpe:2.3:a:activerecord_project:activerecord:*:*:*:*:*:ruby:*:* | 1 | OR | 6.1.0 | 6.1.7.1 |
| cpe:2.3:a:activerecord_project:activerecord:*:*:*:*:*:ruby:*:* | 1 | OR | 7.0.0 | 7.0.4.1 |
References
| Reference URL | Reference Tags |
|---|---|
| https://discuss.rubyonrails.org/t/cve-2023-22794-sql-injection-vulnerability-via-activerecord-comments/82117 | Exploit Patch Vendor Advisory |
| https://www.debian.org/security/2023/dsa-5372 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-22794 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22794 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2023-04-17 07:28:20 | Added to TrackCVE | |||
| 2023-04-17 07:28:22 | Weakness Enumeration | new |