EUVD-2017-0272

Malware in sbrugna...

GHSA-MGX3-27HR-MFGP HTTParty does not restrict casts of string values

The httparty gem 0.9.0 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for YAML type...

Type confusion

The httparty gem 0.9.0 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for YAML type...

CVE-2013-1801

Technical details for CVE-2013-1801 are not publicly available in the provided documents. No vendor/product/version specifics or remediation are disclosed here. Monitor for updates from official sources to obtain concrete details and fixes.

CVE-2013-1801

The httparty gem 0.9.0 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for YAML type...

PT-2013-3400

Name of the Vulnerable Software and Affected Versions httparty gem version 0.9.0 and earlier Description The issue is related to the improper restriction of casts of string values, which could allow remote attackers to conduct object-injection attacks. This might lead to the execution of arbitrar...