Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:gem/mini_magick@2.0.2
purl pkg:gem/mini_magick@2.0.2
Next non-vulnerable version 4.9.4
Latest non-vulnerable version 4.9.4
Risk 4.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-7k94-x8bg-9uh8
Aliases:
CVE-2013-2616
GHSA-w754-gq8r-pf5f
OSV-91231
MiniMagick Gem for Ruby URI Handling Arbitrary Command Injection
3.6.0
Affected by 1 other vulnerability.
VCID-eqqb-wejk-z3hc
Aliases:
CVE-2019-13574
GHSA-r7j3-vvh2-xrpj
security update
4.9.4
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-13T09:17:28.894715+00:00 Ruby Importer Affected by VCID-7k94-x8bg-9uh8 https://github.com/rubysec/ruby-advisory-db/blob/master/gems/mini_magick/CVE-2013-2616.yml 38.6.0
2026-06-12T17:12:55.684372+00:00 GitLab Importer Affected by VCID-eqqb-wejk-z3hc https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/mini_magick/CVE-2019-13574.yml 38.6.0
2026-06-12T16:46:28.324137+00:00 GitLab Importer Affected by VCID-7k94-x8bg-9uh8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/gem/mini_magick/CVE-2013-2616.yml 38.6.0