EPSS
Percentile
45.6%
dragonfly is vulnerable to argument injection. An attacker can exploit the vulnerability by ejecting crafted url and gaining access to arbitrary files via the disabled verify_url option.
github.com/advisories/GHSA-fj34-jhjx-xmvv
github.com/markevans/dragonfly/commit/25399297bb457f7fcf8e3f91e85945b255b111b5
github.com/markevans/dragonfly/issues/513
security.netapp.com/advisory/ntap-20220715-0004/