CVE-2013-4457

Published November 2nd, 2013

View on NVD ↗

CVSS v3

N/A

CVSS v2

6.8

MEDIUM

Affected

PROJECT

Description

The Cocaine gem 0.4.0 through 0.5.2 for Ruby allows context-dependent attackers to execute arbitrary commands via a crafted has object, related to recursive variable interpolation.

thoughtbot/cocaine

A small library for doing (command) lines.

GitHub

783