Is GHSA-5pq7-52mg-hr42 remotely exploitable?

I'm reading https://github.com/advisories/GHSA-5pq7-52mg-hr42 and I'm not quite following the attack vector.  If I'm reading it properly this vulnerability requires malicious local input to HTTParty?  Is there a vulnerability here triggerable by a HTTP response?