CVE-2024-40400

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-40400
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-40400.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-40400
Aliases
Published
2024-07-19T19:15:09Z
Modified
2025-06-05T03:57:44.680921Z
Summary
[none]
Details

An arbitrary file upload vulnerability in the image upload function of Automad v2.0.0 allows attackers to execute arbitrary code via a crafted file.

References

Affected packages

Git / github.com/marcantondahmen/automad

Affected ranges

Type
GIT
Repo
https://github.com/marcantondahmen/automad
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

0.*

0.1
0.10
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9

1.*

1.0.0
1.0.0-beta1
1.0.0-beta2
1.0.0-beta3
1.0.0-beta4
1.0.0-beta5
1.0.1
1.0.2
1.0.3
1.0.4
1.1.0
1.10.0
1.10.1
1.10.2
1.10.3
1.10.4
1.10.5
1.10.6
1.10.7
1.10.8
1.10.9
1.2.0
1.2.1
1.2.2
1.2.3
1.2.4
1.2.5
1.2.6
1.3.0
1.3.1
1.3.2
1.4.0
1.4.1
1.4.2
1.4.3
1.5.0
1.5.1
1.5.2
1.5.3
1.5.4
1.6.0
1.6.1
1.6.10
1.6.11
1.6.12
1.6.2
1.6.3
1.6.4
1.6.5
1.6.6
1.6.7
1.6.8
1.6.9
1.7.0
1.7.1
1.7.2
1.7.3
1.7.4
1.7.5
1.8.0
1.8.1
1.8.2
1.8.3
1.8.4
1.8.5
1.8.6
1.8.7
1.9.0
1.9.1
1.9.2
1.9.3
1.9.4