Cocaine
Monthly
The Cocaine gem 0.4.0 through 0.5.2 for Ruby allows context-dependent attackers to execute arbitrary commands via a crafted has object, related to recursive variable interpolation. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.
The Cocaine gem 0.4.0 through 0.5.2 for Ruby allows context-dependent attackers to execute arbitrary commands via a crafted has object, related to recursive variable interpolation. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.