Arbitrary Command Execution Vulnerability in Cocaine Gem (Ruby)

CVE-2013-4457 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

The Cocaine gem 0.4.0 through 0.5.2 for Ruby allows context-dependent attackers to execute arbitrary commands via a crafted has object, related to recursive variable interpolation.

Learn more about our Web Application Penetration Testing UK.