PT-2024-40010 — OS Command Injection in Unknown Imagemagick

PT-2024-40010 · Unknown · Imagemagick

Published

2024-05-15

Updated

2024-05-15

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions ImageMagick (affected versions not specified)

Description The issue may lead to the execution of OS commands when unvalidated image filenames containing specially crafted strings are passed to the ImageMagick driver.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

GHSA-26HP-CGJJ-M2J3

Affected Products

Imagemagick

PT-2024-40010 · Unknown · Imagemagick

Weakness Enumeration

Related Identifiers

Affected Products

References · 5