activerecord vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2025-55193Mediumactiverecord: Active Record logging vulnerable to ANSI escape injectionCVE-2022-44566Highactiverecord: Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapterCVE-2023-22794Highactiverecord: SQL Injection Vulnerability via ActiveRecord commentsCVE-2022-32224Criticalactiverecord: Active Record RCE bug with Serialized ColumnsCVE-2013-3221Criticalactiverecord: Active Record component in Ruby on Rails has a data-type injection vulnerabilityCVE-2021-22880Highactiverecord: Active Record subject to Regular Expression Denial-of-Service (ReDoS)CVE-2008-4094Highactiverecord: Rails ActiveRecord gem vulnerable to SQL injectionCVE-2010-3933Mediumactiverecord: Rails activerecord gem has Improper Input Validation vulnerabilityCVE-2011-0448Highactiverecord: activerecord vulnerable to SQL InjectionCVE-2011-2930Highactiverecord: activerecord vulnerable to SQL InjectionCVE-2012-2661Mediumactiverecord: Active Record vulnerable to SQL Injection via nested query parametersCVE-2012-2695Highactiverecord: activerecord vulnerable to SQL InjectionCVE-2012-6496Highactiverecord: Active Record contains SQL InjectionCVE-2013-0155Mediumactiverecord: Active Record allows bypassing of database-query restrictionsCVE-2013-0276Mediumactiverecord: ActiveRecord vulnerable to modification of protected model attributesCVE-2013-0277Criticalactiverecord: Active Record contains deserialization of arbitrary YAMLCVE-2013-1854Mediumactiverecord: Active Record Improper Input ValidationCVE-2014-0080Mediumactiverecord: Array data injection vulnerability in activerecordCVE-2014-3482Highactiverecord: SQL Injection in Active RecordCVE-2014-3483Highactiverecord: Active Record contains SQL Injection via improper range quotingCVE-2014-3514Highactiverecord: Active Record subject to strong parameters protection bypassCVE-2015-7577Mediumactiverecord: Active Record Improper Access ControlCVE-2016-6317Highactiverecord: ActiveRecord in Ruby on Rails allows database-query bypass

Stop the waste.
Protect your environment with Kodem.