Lucene search

CVE-2023-27578

🗓️ 20 Mar 2023 20:52:15Reported by GitHub_MType

Galaxy open-source data analysis platform prior to 22.01, 22.05, and 23.0 allows attackers to modify/delete visualizations/pages or copy/import given the encoded ID

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
Cvelist	CVE-2023-27578 Galaxy vulnerable to unauthorized modification of pages/visualizations due to insufficient permission check	20 Mar 202319:00	–	cvelist
OSV	CVE-2023-27578	20 Mar 202320:15	–	osv
Vulnrichment	CVE-2023-27578 Galaxy vulnerable to unauthorized modification of pages/visualizations due to insufficient permission check	20 Mar 202319:00	–	vulnrichment
Prion	Design/Logic Flaw	20 Mar 202320:15	–	prion
RedhatCVE	CVE-2023-27578	23 May 202502:26	–	redhatcve
NVD	CVE-2023-27578	20 Mar 202320:15	–	nvd

Nvd

Vulners

Node

galaxyproject galaxyRange<22.01

[
  {
    "vendor": "galaxyproject",
    "product": "galaxy",
    "versions": [
      {
        "version": "< 22.01",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/galaxyproject/galaxy/security/advisories/GHSA-j8q2-r4g5-f22j
depot	www.depot.galaxyproject.org/patch/GX-2022-0002/modify_pages_viz-release_22.01.patch
depot	www.depot.galaxyproject.org/patch/GX-2022-0002/modify_pages_viz-release_23.0.patch
depot	www.depot.galaxyproject.org/patch/GX-2022-0002/modify_pages_viz-release_22.05.patch

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 Mar 2023 20:15Current

7.7High risk

Vulners AI Score7.7

CVSS37.5 - 9.1

EPSS0.00137

SSVC