Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Dragonfly Project Subscribe
Filtered by product Dragonfly
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-33564 1 Dragonfly Project 1 Dragonfly 2024-11-21 6.8 MEDIUM 9.8 CRITICAL
An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files via a crafted URL when the verify_url option is disabled. This may lead to code execution. The problem occurs because the generate and process features mishandle use of the ImageMagick convert utility.
CVE-2021-33473 1 Dragonfly Project 1 Dragonfly 2024-11-21 4.9 MEDIUM 9.1 CRITICAL
An argument injection vulnerability in Dragonfly Ruby Gem v1.3.0 allows attackers to read and write arbitrary files when the verify_url option is disabled. This vulnerability is exploited via a crafted URL.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024