Ruby on Rails SQL Injection (CVE-2012-2695) From: Aaron Patterson <tenderlove () ruby-lang org> Date: Tue, 12 Jun 2012 14:30:29 -0700 SQL Injection Vulnerability in Ruby on Rails There is a SQL injection vulnerability in Active Record, in ALL versions. This vulnerability has been assigned the CVE identifier CVE-2012-2695. Versions Affected: ALL versions Not affected: NONE Fixed Versions: 3.2.6, 3.