An arbitrary file upload vulnerability in the image upload function of Automad v2.0.0 allows attackers to execute arbitrary code via a crafted file.
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-40400.json"
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.0.0-alpha1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.0.0-alpha2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.0.0-alpha3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "2.0.0-alpha4"
}
]
}
]