The karo gem 2.3.8 for Ruby allows Remote command injection via the host field.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-77,
Products Affected