CVE-2023-22794 - ActiveRecord SQL Injection via Insufficient Comment Sanitization
A serious security vulnerability, CVE-2023-22794, was revealed in ActiveRecord—an integral part of Ruby on Rails. This flaw affects numerous Rails apps that use any
CVE-2022-44566 - How a Simple Integer Caused a Denial of Service in ActiveRecord's PostgreSQL Adapter
In late 2022, a significant vulnerability was found in ActiveRecord, the default Object-Relational Mapper (ORM) for Ruby on Rails, specifically in its PostgreSQL adapter.