Dragonfly Project Dragonfly — known CVE vulnerabilities
Every CVE whose affected-product data names Dragonfly Project Dragonfly, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-33564 — CVSS 9.8 (critical): An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files…
CVE-2021-33473 — CVSS 9.1 (critical): An argument injection vulnerability in Dragonfly Ruby Gem v1.3.0 allows attackers to read and write arbitrary files when the verify_url…