In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsdragonfly is a framework that enables on-the-fly processing for any content type. This gem was renamed from fog-dragonfly to dragonfly.
Affected versions of this gem are vulnerable to a remote attacker gaining read/write access to the filesystem, and executing arbitrary commands via a flaw in uploading & processing. This is that is due to the gem failing to restrict arbitrary commands to imagemagicks convert.
Related to SNYK-RUBY-DRAGONFLY-20192