Platform: ruby
Component: httparty
Fixed in: 0.10.0
CVE-2013-1801 is a security vulnerability affecting versions of the httparty Ruby gem prior to 0.10.0. This flaw allows attackers to inject objects and potentially execute arbitrary code through improper handling of string casts. The vulnerability stems from httparty's reliance on Action Pack's YAML type conversion, creating a pathway for exploitation. A fix is available in version 0.10.0.
The primary impact of CVE-2013-1801 is the potential for remote code execution (RCE). An attacker could craft a malicious YAML payload that, when processed by httparty, would result in the execution of arbitrary commands on the server. This could lead to complete system compromise, data theft, or further malicious activity. Beyond RCE, the vulnerability also presents a denial-of-service (DoS) risk. A carefully crafted payload could consume excessive memory and CPU resources, rendering the application or server unresponsive. The vulnerability's reliance on YAML conversion echoes the concerns raised by CVE-2013-0156, highlighting a broader class of object injection risks in Ruby applications.
CVE-2013-1801 was published in 2017, though the vulnerability itself dates back to 2013. Public proof-of-concept exploits are available, indicating a relatively low barrier to entry for attackers. While no active exploitation campaigns have been definitively linked to this CVE, its similarity to CVE-2013-0156 suggests it remains a potential target, particularly for systems running older, unpatched versions of Ruby and related libraries. It is not listed on CISA KEV.
Applications and systems utilizing the httparty gem in Ruby, particularly those handling external data or user input, are at risk. This includes web applications, APIs, and any Ruby scripts that rely on httparty for making HTTP requests. Legacy applications using older versions of Ruby and its dependencies are particularly vulnerable.
• ruby / gem: run gem list httparty to check the installed version. Any version ≤0.9.0 is vulnerable.
• ruby / gem: Inspect application code for usage of httparty and potential vulnerable code paths involving YAML parsing.
• ruby / system: Monitor system logs for unusual process activity or memory consumption related to Ruby applications using httparty.
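As an added example (not part of the advisory), the version check above applied to a Gemfile.lock: the script extracts the resolved httparty version and compares it against the fixed release with Gem::Version, which orders 0.9.0 below 0.10.0 correctly where a plain string comparison would not. The lockfile excerpts are constructed samples.

```ruby
# Added example: scan a Gemfile.lock for the httparty version and report
# whether it predates the fixed release 0.10.0 (CVE-2013-1801 range).
require 'rubygems'

FIXED_VERSION = Gem::Version.new('0.10.0')

# Return the resolved httparty version from Gemfile.lock text, or nil if absent.
# Lockfile "specs:" entries look like "    httparty (0.9.0)" (four spaces);
# the dependency lines beneath them are indented deeper and are skipped.
def httparty_version(lockfile_text)
  lockfile_text.each_line do |line|
    if (m = line.match(/\A {4}httparty \(([^)]+)\)\s*\z/))
      return Gem::Version.new(m[1])
    end
  end
  nil
end

# true when the locked httparty version is below 0.10.0.
# Gem::Version compares segment by segment, so 0.9.0 < 0.10.0;
# a string comparison ("0.9.0" > "0.10.0") would give the wrong answer.
def vulnerable?(lockfile_text)
  v = httparty_version(lockfile_text)
  !v.nil? && v < FIXED_VERSION
end

# Constructed sample lockfile excerpt (not taken from any real project).
SAMPLE_VULNERABLE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      httparty (0.9.0)
        multi_json (~> 1.0)
        multi_xml
      multi_json (1.7.2)
      multi_xml (0.5.3)

  PLATFORMS
    ruby

  DEPENDENCIES
    httparty
LOCK

SAMPLE_FIXED = SAMPLE_VULNERABLE.sub('httparty (0.9.0)', 'httparty (0.10.0)')

if __FILE__ == $PROGRAM_NAME
  [SAMPLE_VULNERABLE, SAMPLE_FIXED].each do |lock|
    puts "httparty #{httparty_version(lock)}: #{vulnerable?(lock) ? 'VULNERABLE' : 'ok'}"
  end
end
```

To check a real project, replace the constructed samples with File.read('Gemfile.lock').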
Exploit status: discovery, disclosure, poc
EPSS: 2.99% (86th percentile)
The recommended mitigation for CVE-2013-1801 is to immediately upgrade the httparty gem to version 0.10.0 or later. If upgrading is not immediately feasible due to compatibility issues or breaking changes, consider implementing input validation and sanitization to prevent the processing of untrusted YAML data. While a direct WAF rule is unlikely to be effective, restricting the types of data accepted by applications using httparty can help reduce the attack surface. Carefully review any third-party libraries or dependencies that might be introducing untrusted YAML data into the application.
No official patch available. Check for workarounds or monitor for updates.
CVE-2013-1801 is a HIGH severity vulnerability in the httparty Ruby gem (versions ≤0.9.0) that allows remote attackers to inject objects and potentially execute arbitrary code via improper string casts.
You are affected if your application uses httparty version 0.9.0 or earlier. Check your gem dependencies to determine if you are vulnerable.
Upgrade the httparty gem to version 0.10.0 or later. If upgrading is not possible, implement input validation to sanitize data before passing it to httparty.
While there's no definitive confirmation of widespread exploitation, public proof-of-concept exploits exist, indicating a potential risk.
Refer to the CVE entry on the NVD website (https://nvd.nist.gov/vuln/detail/CVE-2013-1801) for related advisories and information.