CVE-2013-1801 (httparty): httparty Gem for Ruby Type Casting Parameter Parsing Remote Code Execution

January 14th, 2013

ADVISORIES

CVE-2013-1801 (NVD)
GHSA-mgx3-27hr-mfgp
OSVDB-90741

GEM

httparty

SEVERITY

CVSS v2.0: 7.5 (High)

PATCHED VERSIONS

>= 0.10.0

DESCRIPTION

httparty Gem for Ruby contains a flaw that is triggered when a type casting error occurs during the parsing of parameters. This may allow a context-dependent attacker to potentially execute arbitrary code.

RubySec

CVE-2013-1801 (httparty): httparty Gem for Ruby Type Casting Parameter Parsing Remote Code Execution

ADVISORIES

GEM

SEVERITY

PATCHED VERSIONS

DESCRIPTION

Recent Advisories