---
gem: fog-dragonfly
cve: 2013-5671
osvdb: 96798
url: https://nvd.nist.gov/vuln/detail/CVE-2013-5671
title: fog-dragonfly Gem for Ruby imagemagickutils.rb Remote Command Execution
date: 2013-09-03
description: |
  fog-dragonfly Gem for Ruby contains a flaw that is due to the program
  failing to properly sanitize input passed via the imagemagickutils.rb script.
  This may allow a remote attacker to execute arbitrary commands.

  This gem has been renamed. Please use "dragonfly" from now on.
cvss_v2: 7.5
patched_versions:
  - ">= 0.8.4"