3 matches found
CVE-2013-1801
The httparty gem 0.9.0 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for YAML type...
CVE-2013-1801
Technical details for CVE-2013-1801 are not publicly available in the provided documents. No vendor/product/version specifics or remediation are disclosed here. Monitor for updates from official sources to obtain concrete details and fixes.
CVE-2013-1801
The httparty gem 0.9.0 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for YAML type...