Ruby/activerecord-oracle_enhanced-adapter/1.1.6
Oracle enhanced
ActiveRecord adapter contains useful additional methods for working with new and legacy Oracle databases.
This adapter is superset of original ActiveRecord Oracle adapter.
https://rubygems.org/gems/activerecord-oracle_enhanced-adapter
UNKNOWN
1 Security Vulnerabilities
Oracle "enhanced" ActiveRecord Gem for Ruby :limit / :offset SQL Injection
Oracle enhanced
ActiveRecord Gem for Ruby contains a flaw that may allow an
attacker to carry out an SQL injection attack. The issue is due to the
program not properly sanitizing user-supplied input related to the :limit and
:offset functions. This may allow an attacker to inject or manipulate SQL
queries in the back-end database, allowing for the manipulation or disclosure
of arbitrary data.
105 Other Versions
Version | License | Security | Released | |
---|---|---|---|---|
1.1.4 | UNKNOWN | 1 | 2009-07-25 - 18:35 | almost 15 years |
1.1.3 | UNKNOWN | 1 | 2009-07-25 - 18:35 | almost 15 years |
1.1.2 | UNKNOWN | 1 | 2009-07-25 - 18:35 | almost 15 years |
1.1.1 | UNKNOWN | 1 | 2009-07-25 - 18:35 | almost 15 years |
1.1.0 | UNKNOWN | 1 | 2009-07-25 - 18:35 | almost 15 years |