Debian: DSA-4481-1: ruby-mini-magick security update
Jul13
on July 13, 2019
at 9:55 am
Posted In: Uncategorized
Harsh Jaiswal discovered a remote shell execution vulnerability in ruby-mini-magick, a Ruby library providing a wrapper around ImageMagick or GraphicsMagick, exploitable when using MiniMagick::Image.open with specially crafted URLs coming from unsanitized user input.
Comment