---
gem: curl
cve: 2013-2617
osvdb: 91230
url: https://nvd.nist.gov/vuln/detail/CVE-2013-2617
title: Curl Gem for Ruby URI Handling Arbitrary Command Injection
date: 2013-03-12
description: Curl Gem for Ruby contains a flaw that is triggered during the
  handling of specially crafted input passed via the URL.  This may allow
  a context-dependent attacker to potentially execute arbitrary commands by
  injecting them via a semi-colon (;).
cvss_v2: 7.5
patched_versions: