Parameter parsing remote code execution
Nori has a parameter parsing error that may allow an attacker to execute arbitrary code. This vulnerability has to do with type casting during parsing, and is related to CVE-2013-0156.
Advisories for Gem/Nori package
2013