18 matches found
CVE-2024-41668
The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication, cBioPortal could allow someone to perform a Server Side Request Forgery SSRF attack. Logged in users...
EUVD-2021-24702
Malware in sbrugna...
EUVD-2024-39122
Malicious code in bioql PyPI...
CVE-2021-38244
A regular expression denial of service ReDoS vulnerability exits in cbioportal 3.6.21 and older via a POST request to /ProteinArraySignificanceTest.json...
CVE-2024-41668
The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication, cBioPortal could allow someone to perform a Server Side Request Forgery SSRF attack. Logged in users...
CVE-2024-41668 cBioPortal Proxy Endpoint Vulnerabliity
The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication, cBioPortal could allow someone to perform a Server Side Request Forgery SSRF attack. Logged in users...
CVE-2024-41668
The CVE-2024-41668 affects cBioPortal for Cancer Genomics. A publicly exposed proxy endpoint without authentication allows Server-Side Request Forgery (SSRF); logged-in users can exploit this on private instances too. A fix is available in version 6.0.12. As a workaround, disable the /proxy endpo...
CVE-2024-41668 cBioPortal Proxy Endpoint Vulnerabliity
The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication, cBioPortal could allow someone to perform a Server Side Request Forgery SSRF attack. Logged in users...
CVE-2024-41668 cBioPortal Proxy Endpoint Vulnerabliity
The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication, cBioPortal could allow someone to perform a Server Side Request Forgery SSRF attack. Logged in users...
PT-2024-29495 · Unknown · Cbioportal
Name of the Vulnerable Software and Affected Versions: cBioPortal versions prior to 6.0.12 Description: The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication...
cBioPortal 安全漏洞
cBioPortal is an application of cBioPortal open source. It is used to provide visualization, analysis, and download of large-scale cancer genomics datasets. A security vulnerability exists in cBioPortal that originates when running a publicly available proxy endpoint without authentication...
CbioPortal Denial of Service Vulnerability
CbioPortal is used to provide visualization, analysis, and download of large-scale cancer genomics datasets. a denial-of-service vulnerability exists in CbioPortal in versions 3.6.21 and earlier, which stems from the insecure handling of regular expressions in /ProteinArraySignificanceTest.json,...
CVE-2021-38244
A regular expression denial of service ReDoS vulnerability exits in cbioportal 3.6.21 and older via a POST request to /ProteinArraySignificanceTest.json...
CVE-2021-38244
A regular expression denial of service ReDoS vulnerability exits in cbioportal 3.6.21 and older via a POST request to /ProteinArraySignificanceTest.json...
Denial of service
A regular expression denial of service ReDoS vulnerability exits in cbioportal 3.6.21 and older via a POST request to /ProteinArraySignificanceTest.json...
CVE-2021-38244
A regular expression denial of service ReDoS vulnerability exits in cbioportal 3.6.21 and older via a POST request to /ProteinArraySignificanceTest.json...
CVE-2021-38244
cbioPortal
cbioportal 安全漏洞
CbioPortal is used to provide visualization, analysis, and download of large-scale cancer genomics datasets. a denial-of-service vulnerability exists in CbioPortal in versions 3.6.21 and earlier, which stems from the insecure handling of regular expressions in /ProteinArraySignificanceTest.json,...