ADVISORIES
- CVE-2013-5671 (NVD)
- GHSA-qrgf-jqqm-x7xv
- OSVDB-96798
GEM
SEVERITY
CVSS v2.0: 7.5 (High)
PATCHED VERSIONS
- >= 0.8.4
DESCRIPTION
fog-dragonfly Gem for Ruby contains a flaw that is due to the program failing to properly sanitize input passed via the imagemagickutils.rb script. This may allow a remote attacker to execute arbitrary commands.
This gem has been renamed. Please use "dragonfly" from now on.