CVE-2013-4457 Information

Description

The Cocaine gem 0.4.0 through 0.5.2 for Ruby allows context-dependent attackers to execute arbitrary commands via a crafted has object related to recursive variable interpolation.

Reference

http://osvdb.org/98835 http://secunia.com/advisories/55365 http://www.openwall.com/lists/oss-security/2013/10/22/10 https://github.com/thoughtbot/cocaine/blob/master/NEWS.md