{"id":"CVE-2024-39118","details":"Mommy Heather Advanced Backups up to v3.5.3 allows attackers to write arbitrary files via restoring a crafted back up.","modified":"2026-04-10T05:14:20.934841Z","published":"2024-07-09T17:15:48.153Z","references":[{"type":"FIX","url":"https://github.com/MommyHeather/AdvancedBackups/commit/1545f499f73bf434ed292c31121fdda8042ff5d6"},{"type":"EVIDENCE","url":"https://gist.github.com/apple502j/193358682885fe1a6708309ce934e4ed"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/heathercomputer/advancedbackups","events":[{"introduced":"0"},{"fixed":"1545f499f73bf434ed292c31121fdda8042ff5d6"}]},{"type":"GIT","repo":"https://github.com/heathercomputer/advancedbackups","events":[{"introduced":"0"},{"fixed":"1545f499f73bf434ed292c31121fdda8042ff5d6"}]}],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"3.6"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-39118.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}]}