- >= 0.8.4
Dragonfly Gem for Ruby contains a flaw in Uploading & Processing that is due to the gem failing to restrict arbitrary commands to imagemagicks convert. This may allow a remote attacker to gain read/write access to the filesystem and execute arbitrary commands.
This gem has been renamed. Please use “dragonfly” from now on.