CVE Vulnerabilities

CVE-2013-1801

Published: Apr 09, 2013 | Modified: Apr 10, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

The httparty gem 0.9.0 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) by leveraging Action Pack support for YAML type conversion, a similar vulnerability to CVE-2013-0156.

Affected Software

Name Vendor Start Version End Version
Httparty John_nunemaker 0.7.3 0.7.3
Httparty John_nunemaker 0.8.0 0.8.0
Httparty John_nunemaker * 0.9.0
Httparty John_nunemaker 0.6.1 0.6.1
Httparty John_nunemaker 0.2.2 0.2.2
Httparty John_nunemaker 0.7.7 0.7.7
Httparty John_nunemaker 0.5.0 0.5.0
Httparty John_nunemaker 0.3.1 0.3.1
Httparty John_nunemaker 0.1.8 0.1.8
Httparty John_nunemaker 0.6.0 0.6.0
Httparty John_nunemaker 0.7.1 0.7.1
Httparty John_nunemaker 0.2.8 0.2.8
Httparty John_nunemaker 0.7.4 0.7.4
Httparty John_nunemaker 0.4.5 0.4.5
Httparty John_nunemaker 0.4.2 0.4.2
Httparty John_nunemaker 0.7.8 0.7.8
Httparty John_nunemaker 0.1.2 0.1.2
Httparty John_nunemaker 0.1.3 0.1.3
Httparty John_nunemaker 0.2.7 0.2.7
Httparty John_nunemaker 0.1.1 0.1.1
Httparty John_nunemaker 0.2.0 0.2.0
Httparty John_nunemaker 0.7.0 0.7.0
Httparty John_nunemaker 0.5.2 0.5.2
Httparty John_nunemaker 0.4.0 0.4.0
Httparty John_nunemaker 0.2.9 0.2.9
Httparty John_nunemaker 0.7.5 0.7.5
Httparty John_nunemaker 0.1.0 0.1.0
Httparty John_nunemaker 0.2.5 0.2.5
Httparty John_nunemaker 0.2.1 0.2.1
Httparty John_nunemaker 0.2.4 0.2.4
Httparty John_nunemaker 0.4.1 0.4.1
Httparty John_nunemaker 0.2.3 0.2.3
Httparty John_nunemaker 0.8.3 0.8.3
Httparty John_nunemaker 0.1.5 0.1.5
Httparty John_nunemaker 0.4.4 0.4.4
Httparty John_nunemaker 0.8.2 0.8.2
Httparty John_nunemaker 0.7.2 0.7.2
Httparty John_nunemaker 0.7.6 0.7.6
Httparty John_nunemaker 0.1.7 0.1.7
Httparty John_nunemaker 0.2.6 0.2.6
Httparty John_nunemaker 0.4.3 0.4.3
Httparty John_nunemaker 0.8.1 0.8.1
Httparty John_nunemaker 0.1.6 0.1.6
Httparty John_nunemaker 0.2.10 0.2.10
Httparty John_nunemaker 0.5.1 0.5.1
Httparty John_nunemaker 0.3.0 0.3.0

References