Skip to main content

Update By Case

1 CVEs product

Monthly

CVE-2022-35956 Ruby CRITICAL PATCH Act Now

This Rails gem adds two methods to the ActiveRecord::Base class that allow you to update many records on a single database hit, using a case sql statement for it. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Update By Case
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

This Rails gem adds two methods to the ActiveRecord::Base class that allow you to update many records on a single database hit, using a case sql statement for it. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Update By Case
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy