Jeremy Evans

**Name of the Vulnerable Software and Affected Versions** ActiveRecord versions prior to 6.1.7.1 ActiveRecord versions prior to 7.0.4.1 **Description** A denial of service issue is present in ActiveRecord's PostgreSQL adapter. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric values can result in a slow sequential scan, potentially leading to a denial of service. The issue is related to insufficient input validation in the PostgreSQL adapter. **Recommendations** For versions prior to 6.1.7.1, update to version 6.1.7.1 or apply the patch 6-1-Added-integer-width-check-to-PostgreSQL-Quoting.patch. For versions prior to 7.0.4.1, update to version 7.0.4.1 or apply the patch 7-0-Added-integer-width-check-to-PostgreSQL-Quoting.patch. As a temporary workaround, ensure that user-supplied input provided to ActiveRecord clauses does not contain integers wider than a signed 64bit representation or floats.

**Name of the Vulnerable Software and Affected Versions** JSON gem versions 2.2.0 and earlier Ruby versions 2.4 through 2.4.9 Ruby versions 2.5 through 2.5.7 Ruby versions 2.6 through 2.6.5 **Description** The JSON gem for Ruby has an Unsafe Object Creation issue due to insufficient input validation. This can lead to the creation of a malicious object within the interpreter when using JSON parsing methods, resulting in application-dependent adverse effects. The issue is similar to a previously known vulnerability but does not rely on poor garbage collection behavior within Ruby. **Recommendations** For JSON gem version 2.2.0 and earlier, update to a version with improved checks. For Ruby versions 2.4 through 2.4.9, consider updating to a version with the improved JSON gem. For Ruby versions 2.5 through 2.5.7, consider updating to a version with the improved JSON gem. For Ruby versions 2.6 through 2.6.5, consider updating to a version with the improved JSON gem.

**Name of the Vulnerable Software and Affected Versions** Phusion Passenger versions prior to 5.1.0 **Description** The issue arises from the use of a known /tmp filename during the execution of the passenger-install-nginx-module, potentially allowing local attackers to gain the privileges of the passenger user. **Recommendations** For versions prior to 5.1.0, update to version 5.1.0 or later to resolve the issue.