RubyFlow The Ruby and Rails community linklog

×

The Ruby and Rails community linklog

Made a library? Written a blog post? Found a useful tutorial? Share it with the Ruby community here or just enjoy what everyone else has found!

Exploring CVE-2025-55193 - ANSI escape injection in Active Record logging

by panacotar

After last week’s security patches in Rails, I tested the ANSI escape injection vulnerability. I was curious about the damage it can do.

Here, I logged my PoC and research:

https://organicdarius.com/blog/exploring-the-ansi-escape-injection-in-active-record-logging-cve-2025-55193/

Post a comment

You can use basic HTML markup (e.g. <a>) or Markdown.

As you are not logged in, you will be
directed via GitHub to signup or sign in