Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/ruby-mini-magick@3.8.1-1
purl pkg:deb/debian/ruby-mini-magick@3.8.1-1
Next non-vulnerable version 4.10.1-1
Latest non-vulnerable version 4.10.1-1
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-xks8-n3w6-8bew
Aliases:
CVE-2019-13574
GHSA-r7j3-vvh2-xrpj
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') In lib/mini_magick/image.rb in MiniMagick, a fetched remote image filename could cause remote command execution.
4.5.1-1+deb9u1
Affected by 1 other vulnerability.
4.9.2-1+deb10u1
Affected by 1 other vulnerability.
4.10.1-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-06T03:21:05.109631+00:00 Debian Oval Importer Affected by VCID-xks8-n3w6-8bew https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0
2026-06-05T22:56:20.775221+00:00 Debian Oval Importer Affected by VCID-xks8-n3w6-8bew https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 38.6.0
2026-06-05T22:48:47.123872+00:00 Debian Oval Importer Affected by VCID-xks8-n3w6-8bew https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 38.6.0