---
gem: fog-dragonfly
cve: 2013-1756
osvdb: 90647
url: https://nvd.nist.gov/vuln/detail/CVE-2013-1756
title: Dragonfly Gem for Ruby Crafted Request Parsing Remote Code Execution
date: 2013-02-19
description: |
  Dragonfly Gem for Ruby contains a flaw that is triggered during the parsing
  of a specially crafted request. This may allow a remote attacker to execute
  arbitrary code.

  This gem has been renamed. Please use "dragonfly" from now on.
cvss_v2: 7.5
unaffected_versions:
  - "< 0.7.0"
patched_versions:
  - ">= 0.9.14"