Vulnerabilities (CVE)

Filtered by vendor Mark Evans Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-5671 1 Mark Evans 1 Fog-dragonfly 2024-02-28 7.5 HIGH N/A
lib/dragonfly/imagemagickutils.rb in the fog-dragonfly gem 0.8.2 for Ruby allows remote attackers to execute arbitrary commands via unspecified vectors.
CVE-2013-1756 2 Mark Evans, Ruby On Rails 2 Dragonfly Gem, Ruby On Rails 2024-02-28 7.5 HIGH N/A
The Dragonfly gem 0.7 before 0.8.6 and 0.9.x before 0.9.13 for Ruby, when used with Ruby on Rails, allows remote attackers to execute arbitrary code via a crafted request.