CVE-2019-13574

Published about 1 month ago
Category: Input Validation
Severity: Critical

Vulnerability in mini_magick

A remote shell execution vulnerability when using MiniMagick::Image.open with URL coming from unsanitized user input. e.g. MiniMagick::Image.open("| touch.txt")

CVSS Metrics
Access Vector Access Complexity Authentication Confidentiality Impact Integrity Impact Availability Impact
n/a n/a n/a n/a n/a n/a
Patched Versions

>= 4.9.4

Unaffected Versions

n/a

References

n/a