Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Active Record logging vulnerable to ANSI escape injection
Vulnerability Description
Active Record connects classes to relational database tables. Prior to versions 7.1.5.2, 7.2.2.2, and 8.0.2.1, the ID passed to find or similar methods may be logged without escaping. If this is directly to the terminal it may include unescaped ANSI sequences. This issue has been patched in versions 7.1.5.2, 7.2.2.2, and 8.0.2.1.
CVSS Information
N/A
Vulnerability Type
转义、元或控制序列转义处理不恰当
Vulnerability Title
Rails 安全漏洞
Vulnerability Description
Rails是美国Rails团队的一套基于Ruby语言的开源Web应用框架。 Rails 7.1.5.2、7.2.2.2和8.0.2.1之前版本存在安全漏洞,该漏洞源于未转义的ID可能包含ANSI序列,可能导致终端显示问题。
CVSS Information
N/A
Vulnerability Type
N/A