Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-7k94-x8bg-9uh8
Vulnerability ID VCID-7k94-x8bg-9uh8
Aliases CVE-2013-2616
GHSA-w754-gq8r-pf5f
OSV-91231
Summary MiniMagick Gem for Ruby URI Handling Arbitrary Command Injection
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-94 Improper Control of Generation of Code ('Code Injection')
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
generic_textual HIGH http://packetstormsecurity.com/files/120777/Ruby-Gem-Minimagic-Command-Execution.html
epss 0.00876 https://api.first.org/data/v1/epss?cve=CVE-2013-2616
epss 0.00876 https://api.first.org/data/v1/epss?cve=CVE-2013-2616
epss 0.00876 https://api.first.org/data/v1/epss?cve=CVE-2013-2616
generic_textual HIGH http://seclists.org/fulldisclosure/2013/Mar/123
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-w754-gq8r-pf5f
generic_textual HIGH https://github.com/minimagick/minimagick
generic_textual HIGH https://github.com/rubysec/ruby-advisory-db/blob/master/gems/mini_magick/CVE-2013-2616.yml
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2013-2616
generic_textual HIGH https://web.archive.org/web/20130315095512/http://www.securityfocus.com/bid/58448
generic_textual HIGH http://www.openwall.com/lists/oss-security/2013/03/19/9
Reference id Reference type URL
http://direct.osvdb.org/show/osvdb/91231
http://packetstormsecurity.com/files/120777/Ruby-Gem-Minimagic-Command-Execution.html
https://api.first.org/data/v1/epss?cve=CVE-2013-2616
http://seclists.org/fulldisclosure/2013/Mar/123
https://github.com/minimagick/minimagick
https://web.archive.org/web/20130315095512/http://www.securityfocus.com/bid/58448
http://vapid.dhs.org/advisories/minimagick.html
http://www.openwall.com/lists/oss-security/2013/03/19/9
CVE-2013-2616 https://nvd.nist.gov/vuln/detail/CVE-2013-2616
CVE-2013-2616.YML https://github.com/rubysec/ruby-advisory-db/blob/master/gems/mini_magick/CVE-2013-2616.yml
GHSA-w754-gq8r-pf5f https://github.com/advisories/GHSA-w754-gq8r-pf5f
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.75735
EPSS Score 0.00876
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-11T20:23:51.121963+00:00 GHSA Importer Import https://github.com/advisories/GHSA-w754-gq8r-pf5f 38.6.0