PT-2022-21161 · Ruby · Ruby On Rails

Elebow · Published 2022-07-12 · Updated 2025-09-29 · CVE-2022-32224

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Ruby on Rails versions prior to 7.0.3.1
Ruby on Rails versions prior to 6.1.6.1
Ruby on Rails versions prior to 6.0.5.1
Ruby on Rails versions prior to 5.2.8.1

Description
A possible escalation to remote code execution (RCE) exists when using YAML serialized columns in Active Record. This could allow an attacker who can manipulate data in the database, for example via SQL injection, to escalate to RCE. The issue arises when serialized columns that use YAML are deserialized: Rails uses `YAML.unsafe_load` to convert the stored YAML data into Ruby objects, so any class tag present in the column value is honoured.

Recommendations
For versions prior to 7.0.3.1, update to version 7.0.3.1 or later.
For versions prior to 6.1.6.1, update to version 6.1.6.1 or later.
For versions prior to 6.0.5.1, update to version 6.0.5.1 or later.
For versions prior to 5.2.8.1, update to version 5.2.8.1 or later.
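The difference between the permissive loader and an allow-list coder, as an added illustration that is not code from this advisory, from Rails, or from the advisory's publisher: the Preference and Unexpected classes, the column values and the SafeYamlCoder class are constructed for the example, and the coder only models the hardened behaviour rather than reproducing Rails' own Active Record coder.

```ruby
require "yaml"

# Constructed stand-in for the value type an application stores in
# a YAML-serialized column (not a Rails class).
class Preference
  attr_accessor :theme, :per_page
  def initialize(theme = "light", per_page = 25)
    @theme, @per_page = theme, per_page
  end
end

# Constructed class that column data must never be allowed to instantiate.
class Unexpected
  attr_accessor :note
end

# Pre-fix behaviour: the permissive loader honours every !ruby/* tag,
# so a tampered column value can materialise arbitrary loaded classes.
def load_column_unsafe(yaml)
  # Psych 3.3.2+ (Ruby 3.1) named the permissive loader unsafe_load;
  # on older Psych, plain load is already permissive.
  YAML.respond_to?(:unsafe_load) ? YAML.unsafe_load(yaml) : YAML.load(yaml)
end

# Post-fix style coder: basic YAML types plus an explicit allow-list
# only. Modelled on the hardened behaviour, not Rails' own coder.
class SafeYamlCoder
  def initialize(permitted_classes: [])
    @permitted = permitted_classes
  end

  def load(yaml)
    return nil if yaml.nil? || yaml.empty?
    YAML.safe_load(yaml, permitted_classes: @permitted, aliases: true)
  end
end

# Constructed column value as a legitimate writer would store it.
LEGIT_COLUMN = YAML.dump(Preference.new("dark", 50))
# Constructed value as written by someone with database write access
# (the advisory's SQL injection scenario); the tag names a local class.
TAMPERED_COLUMN = "--- !ruby/object:Unexpected\nnote: injected\n"

# Class name the loader materialises, or :rejected if it refuses.
def materialised_class(loader, yaml)
  loader.call(yaml).class.name
rescue Psych::DisallowedClass
  :rejected
end
```

Rails 7.0.3.1 and the other fixed releases take the same approach: columns are loaded with a safe loader and only an explicitly permitted set of classes may be materialised.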

Tags: Exploit · Fix · RCE

Weakness Enumeration: Deserialization of Untrusted Data

Related Identifiers

ALSA-2025_16880
ALT-PU-2022-2630
ALT-PU-2023-4268
ALT-PU-2024-7814
CVE-2022-32224
DLA-3093-1
DLA-3093-2
GHSA-3HHC-QP5V-9P2J
OPENSUSE-SU-2023:0009-1
OPENSUSE-SU-2024:12244-1
OPENSUSE-SU-2024:12879-1
OPENSUSE-SU-2024:14069-1
OPENSUSE-SU-2025:15112-1
RHSA-2023:0261
RHSA-2023:1151
RHSA-2023:2097
RLSA-2023:2097
RLSA-2023_2097

Affected Products

Alt Linux
Astra Linux
Debian
Rocky Linux
Ruby On Rails