---
title: "GitLab not affected by Rails vulnerability CVE-2014-3483"
date: 2014-07-03 13:55
categories: company
author: Jacob Vosmaer
---

Yesterday the developers of Ruby on Rails released a [security advisory for SQL injection vulnerability CVE-2014-3483](https://groups.google.com/forum/#!topic/rubyonrails-security/wDxePLJGZdI).
GitLab is not affected by this vulnerability.

## Background

CVE-2014-3483 affects applications which use PostgreSQL [bitstring](http://www.postgresql.org/docs/9.2/static/datatype-bit.html) or [range](http://www.postgresql.org/docs/9.2/static/rangetypes.html) types in their database schema.
GitLab uses neither of these types in its database schema.

Please contact us at support@gitlab.com if you have any questions about this issue.