UpgradeRuby.com

The go-to resource for upgrading Ruby, Rails, and your dependencies.

Posts Tagged: cve-2008-4094

CVE-2008-4094: SQL Injection via limit and offset in Ruby on Rails

An in-depth look at CVE-2008-4094, a high-severity SQL injection vulnerability in early Ruby on Rails versions, and the importance of upgrading legacy systems.

Mar 15, 2026

securitycvecve-2008-4094sql-injectionactiverecordrailslegacy