Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
minimagick vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2019-13574
In lib/mini_magick/image.rb in MiniMagick prior to 4.9.4, a fetched remote image filename could cause remote command execution because Image.open input is directly passed to Kernel#open, which accepts a '|' character followed by a command.
Minimagick Project Minimagick
Debian Debian Linux 10.0
Debian Debian Linux 9.0
1 Github repository
668
VMScore
CVE-2013-2616
lib/mini_magick.rb in the MiniMagick Gem 1.3.1 for Ruby allows remote malicious users to execute arbitrary commands via shell metacharacters in a URL.
Rubygems Mini Magick 1.3.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started