
Mlr0Po

#27826 of 53,630
9.1 Total CVSS
Vulnerabilities · 1
PT-2022-10265
9.1
2022-06-02
Unknown · Dragonfly Ruby Gem · CVE-2021-33473
**Name of the Vulnerable Software and Affected Versions**

Dragonfly Ruby Gem version 1.3.0

**Description**

An argument injection issue allows attackers to read and write arbitrary files when the `verify url` option is disabled. This issue is exploited via a crafted URL.

**Recommendations**

For Dragonfly Ruby Gem version 1.3.0, consider enabling the `verify url` option to mitigate the risk of exploitation. As a temporary workaround, restrict access to sensitive files and directories until a patch is available.