3 matches found
CVE-2013-5671
lib/dragonfly/imagemagickutils.rb in the fog-dragonfly gem 0.8.2 for Ruby allows remote attackers to execute arbitrary commands via unspecified vectors...
CVE-2013-5671
lib/dragonfly/imagemagickutils.rb in the fog-dragonfly gem 0.8.2 for Ruby allows remote attackers to execute arbitrary commands via unspecified vectors...
CVE-2013-5671
The CVE-2013-5671 issue affects the fog-dragonfly gem for Ruby (version 0.8.2) where lib/dragonfly/imagemagickutils.rb passes unescaped user input to shell commands, enabling remote command execution via unspecified vectors. The root cause is input not being sanitized before constructing the comm...