CVE-2022-24720
CVE-2022-24720 affects the image_processing Ruby gem (wrapper for libvips/ImageMagick/GraphicsMagick). A bug in the #apply method allows executing shell commands when operation sequences come from unsanitized user input. This chain affects Active Storage variants that rely on image_processing. Th...