High severityNVD Advisory· Published May 12, 2014· Updated May 6, 2026
CVE-2013-5671
CVE-2013-5671
Description
lib/dragonfly/imagemagickutils.rb in the fog-dragonfly gem 0.8.2 for Ruby allows remote attackers to execute arbitrary commands via unspecified vectors.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
dragonflyRubyGems | < 1.0.0 | 1.0.0 |
fog-dragonflyRubyGems | <= 0.9.15 | — |
Affected products
1- cpe:2.3:a:mark_evans:fog-dragonfly:0.8.2:*:*:*:*:ruby:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- seclists.org/fulldisclosure/2013/Sep/18nvdExploitWEB
- seclists.org/oss-sec/2013/q3/526nvdExploitWEB
- seclists.org/oss-sec/2013/q3/528nvdExploitWEB
- www.vapid.dhs.org/advisories/fog-dragonfly-0.8.2-cmd-inj.htmlnvdExploit
- github.com/advisories/GHSA-qrgf-jqqm-x7xvghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2013-5671ghsaADVISORY
- github.com/github/advisory-database/pull/486ghsaWEB
- github.com/markevans/dragonfly/issues/520ghsaWEB
- web.archive.org/web/20201208033320/http://www.vapid.dhs.org/advisories/fog-dragonfly-0.8.2-cmd-inj.htmlghsaWEB
- www.osvdb.org/96798nvd
News mentions
0No linked articles in our index yet.