CVE-2011-0448: activerecord vulnerable to SQL Injection
7.5
CVSS Score
Basic Information
CVE ID
GHSA ID
EPSS Score
0.70834%
CWE
Published
10/24/2017
Updated
11/9/2023
KEV Status
No
Technology
Ruby
Technical Details
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
activerecord | rubygems | >= 3.0.0, < 3.0.4 | 3.0.4 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from improper input validation in the handling of the limit parameter. The commit diff shows that the sanitize_limit method was modified to use Integer() instead of to_i, which strictly enforces integer validation. The original implementation (map{|i| i.to_i}) would silently convert non-integer values to 0 or to a partial integer, allowing attackers to inject SQL via non-numeric limit arguments. The patch explicitly raises ArgumentError for invalid inputs, confirming that the vulnerability resided in this function.
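The difference between the two coercions described above, as an added Ruby example that is not activerecord's code or part of the original advisory. lenient_limit, strict_limit, compare and silently_rewritten are hypothetical helpers standing in for the before and after behaviour, and the sample inputs are constructed.

```ruby
# Added illustration; hypothetical helpers, not activerecord's sanitize_limit.

# Lenient coercion: the to_i pattern the analysis describes as the original.
def lenient_limit(value)
  return value if value.is_a?(Integer)
  text = value.to_s
  return text.to_i unless text.include?(',')
  text.split(',').map { |part| part.to_i }.join(',')
end

# Strict coercion: the Integer() pattern the analysis attributes to the patch.
# Integer() raises ArgumentError when any non-numeric text is present.
def strict_limit(value)
  return value if value.is_a?(Integer)
  text = value.to_s
  return Integer(text) unless text.include?(',')
  # -1 keeps trailing empty fields so "5," is rejected instead of shortened.
  text.split(',', -1).map { |part| Integer(part) }.join(',')
end

# Constructed sample inputs, as a limit value might arrive from a request.
SAMPLES = ['25', '10,20', 'abc', '5abc', '10,2x', ''].freeze

# Runs one input through both coercions and records the outcome of each.
def compare(value)
  strict = begin
    strict_limit(value)
  rescue ArgumentError
    :rejected
  end
  { input: value, lenient: lenient_limit(value), strict: strict }
end

# Inputs the lenient path accepts and rewrites while the strict path refuses.
def silently_rewritten(samples)
  samples.map { |s| compare(s) }.select { |r| r[:strict] == :rejected }
end

silently_rewritten(SAMPLES).each do |row|
  puts format('%-8s lenient=%-6s strict=%s',
              row[:input].inspect, row[:lenient].inspect, row[:strict])
end
```

Every row printed is an input that the lenient path turns into a different value without signalling an error, which is the gap a caller relying on validation would not notice.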