activerecord 7.2.0.beta1
1 security vulnerability
found in version
7.2.0.beta1
Active Record logging vulnerable to ANSI escape injection
medium severity CVE-2025-55193
medium severity
CVE-2025-55193
Patched versions:
~> 7.1.5.2, ~> 7.2.2.2, >= 8.0.2.1
This vulnerability has been assigned the CVE identifier CVE-2025-55193
Impact
The ID passed to find or similar methods may be logged without
escaping. If this is directly to the terminal, it may include
unescaped ANSI sequences.
Releases
The fixed releases are available at the normal locations.
Credits
Thanks to lio346 for reporting this vulnerability.
No officially reported memory leakage issues detected.
This gem version does not have any officially reported memory leaked issues.
No license issues detected.
This gem version has a license in the gemspec.
This gem version is available.
This gem version has not been yanked and is still available for usage.