CVE-2023-22794
HIGH
ActiveRecord <6.0.6.1, 6.1.7.1, 7.0.4.1 - SQL Injection via Insufficient Comment Sanitization
Title source: llmDescription
A vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to the sanitization of comments. If malicious user input is passed to the `annotate` query method, the `optimizer_hints` query method, or through the QueryLogs interface (which automatically adds annotations), it may be sent to the database with insufficient sanitization and be able to inject SQL outside of the comment.
References (3)
Core References
Exploit, Patch, Vendor Advisory
https://discuss.rubyonrails.org/t/cve-2023-22794-sql-injection-vulnerability-via-activerecord-comments/82117
Vendor Advisory
https://security.netapp.com/advisory/ntap-20240202-0008/
Third Party Advisory vendor-advisory
https://www.debian.org/security/2023/dsa-5372
Scores
CVSS v3
8.8
EPSS
0.0576
EPSS Percentile
90.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-89
Status
published
Products (2)
activerecord_project/activerecord
6.0.0 - 6.0.6.1
rubygems/activerecord
6.0.0 - 6.0.6.1 (RubyGems)
Published
Feb 09, 2023
Tracked Since
Feb 18, 2026