Advisories for Gem/Cocaine package

2013

Recursive Interpolation Vulnerability

Due to the method of variable interpolation in Cocaine to, an attacker may be able to inject hostile commands, which are not properly escaped, into a command line via a crafted hash object. The impact is lessened on Ruby * because hashes are not ordered by default, so an attacker must rely on luck for the attack to work. An attack of this sort cannot take place if there …