Vulnerability Description
multi_xml gem 0.5.2 for Ruby, as used in Grape before 0.2.6 and possibly other products, does not properly restrict casts of string values, which allows remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service (memory and CPU consumption) involving nested XML entity references, by leveraging support for (1) YAML type conversion or (2) Symbol type conversion, a similar vulnerability to CVE-2013-0156.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Erik Michaels-Ober | Multi Xml | 0.5.2 |
| Ruby-Lang | Ruby | All versions |
| Grape Project | Grape | 0.1.0 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2013/01/11/9
- https://gist.github.com/nate/d7f6d9f4925f413621aa
- https://github.com/sferik/multi_xml/pull/34
- https://groups.google.com/forum/?fromgroups=#%21topic/ruby-grape/fthDkMgIOa0
- https://news.ycombinator.com/item?id=5040457
- http://www.openwall.com/lists/oss-security/2013/01/11/9
- https://gist.github.com/nate/d7f6d9f4925f413621aa
- https://github.com/sferik/multi_xml/pull/34
- https://groups.google.com/forum/?fromgroups=#%21topic/ruby-grape/fthDkMgIOa0
- https://news.ycombinator.com/item?id=5040457
FAQ
What is CVE-2013-0175?
CVE-2013-0175 is a vulnerability with a CVSS score of 7.5 (HIGH). multi_xml gem 0.5.2 for Ruby, as used in Grape before 0.2.6 and possibly other products, does not properly restrict casts of string values, which allows remote attackers to conduct object-injection at...
How severe is CVE-2013-0175?
CVE-2013-0175 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-0175?
Check the references section above for vendor advisories and patch information. Affected products include: Erik Michaels-Ober Multi Xml, Ruby-Lang Ruby, Grape Project Grape.