Sha256: f01fbab388e5c97ade085b9fcfb8b4ef44f24e3f594ac99e79c0f2c52946b9e6

Contents?: true

Size: 531 Bytes

Versions: 5

Compression:

Stored size: 531 Bytes

Contents

---
gem: fog-dragonfly
cve: 2013-5671
osvdb: 96798
url: http://osvdb.org/show/osvdb/96798
title: fog-dragonfly Gem for Ruby imagemagickutils.rb Remote Command Execution
date: 2013-09-03
description: |
  fog-dragonfly Gem for Ruby contains a flaw that is due to the program
  failing to properly sanitize input passed via the imagemagickutils.rb script.
  This may allow a remote attacker to execute arbitrary commands.

  This gem has been renamed. Please use "dragonfly" from now on.
cvss_v2: 7.5
patched_versions:
  - ">= 0.8.4"

Version data entries

5 entries across 5 versions & 2 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/fog-dragonfly/OSVDB-96798.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/fog-dragonfly/OSVDB-96798.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/fog-dragonfly/OSVDB-96798.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/fog-dragonfly/OSVDB-96798.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/fog-dragonfly/OSVDB-96798.yml