Command Execution Vulnerability in Curl Gem for Ruby
CVE-2013-2617

Currently unrated

Key Information:

Vendor: Curl Project
Status: Curl
Vendor: CVE Published:; 20 March 2013

What is CVE-2013-2617?

The Curl Gem for Ruby contains a vulnerability that permits remote attackers to execute arbitrary commands on the server by leveraging shell metacharacters embedded within a crafted URL. This flaw can lead to significant security risks if exploited, allowing unauthorized access and control over affected systems.

References

http://packetstormsecurity.com/files/120778/Ruby-Gem-Curl...

x_refsource_MISC

http://www.osvdb.org/91230

vdb-entryx_refsource_OSVDB

http://www.openwall.com/lists/oss-security/2013/03/19/9

mailing-listx_refsource_MLIST

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 20, 2013

Curl Project

What is CVE-2013-2617?

References

Timeline