CVE-2013-4457

CVE-2013-4457

EPSS 1.5%

The Cocaine gem 0.4.0 through 0.5.2 for Ruby allows context-dependent attackers to execute arbitrary commands via a crafted has object, related to recursive variable interpolation.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://osvdb.org/98835 http://secunia.com/advisories/55365 https://github.com/thoughtbot/cocaine/blob/master/NEWS.md http://www.openwall.com/lists/oss-security/2013/10/22/10