17 matches found
EUVD-2022-2756
Malicious code in bioql PyPI...
CVE-2022-1554
Path Traversal due to sendfile call in GitHub repository clinical-genomics/scout prior to 4.52...
CVE-2022-1592
Server-Side Request Forgery in scout in GitHub repository clinical-genomics/scout prior to v4.42. An attacker could make the application perform arbitrary requests to fishing steal cookie, request to private area, or lead to xss...
Scout Security Vulnerability
Scout is an open source platform from Clinical Genomics for analyzing VCFs and being able to aid collaborations to solve rare diseases faster. A security vulnerability exists in Scout versions prior to 4.89 that stems from a lack of filename cleanup and can bypass expected file extensions and all...
GHSA-W228-RFPX-FHM4 cg vulnerable to an Open Redirect Vulnerability on Referer Header
Summary A vulnerability has been discovered in the handling of the referrer header in the application, which could allow an attacker to conduct open redirects. The issue arises from improper validation of the referrer header in certain conditions. By manipulating the referrer header, an attacker...
Server-Side Request Forgery in scout-browser
PyPI package scout-browser GitHub repository clinical-genomics/scout prior to v4.52 is vulnerable to server-side request forgery. An attacker could make the application perform arbitrary requests to steal cookies, request access to private areas, or lead to cross-site scripting...
GHSA-G53G-Q539-93CV Server-Side Request Forgery in scout-browser
PyPI package scout-browser GitHub repository clinical-genomics/scout prior to v4.52 is vulnerable to server-side request forgery. An attacker could make the application perform arbitrary requests to steal cookies, request access to private areas, or lead to cross-site scripting...
Server side request forgery (ssrf)
Server-Side Request Forgery in scout in GitHub repository clinical-genomics/scout prior to v4.42. An attacker could make the application perform arbitrary requests to fishing steal cookie, request to private area, or lead to xss...
CVE-2022-1592 Server-Side Request Forgery in scout in clinical-genomics/scout
Server-Side Request Forgery in scout in GitHub repository clinical-genomics/scout prior to v4.42. An attacker could make the application perform arbitrary requests to fishing steal cookie, request to private area, or lead to xss...
CVE-2022-1592 Server-Side Request Forgery in scout in clinical-genomics/scout
Server-Side Request Forgery in scout in GitHub repository clinical-genomics/scout prior to v4.42. An attacker could make the application perform arbitrary requests to fishing steal cookie, request to private area, or lead to xss...
CVE-2022-1592
CVE-2022-1592 corresponds to a Server-Side Request Forgery in the Scout component of the clinical-genomics/scout project, affecting versions prior to v4.42. The vulnerability arises in the Scout SSRF surface, enabling an attacker to cause the application to perform arbitrary requests, potentially...
Clinical-Genomics Scout Code Issue Vulnerability
Scout is a platform for analyzing VCFs and enabling collaboration to solve rare diseases faster. A security vulnerability exists in Clinical-Genomics Scout versions prior to 4.42 that stems from the presence of server-side request forgery in the application. An attacker exploiting this...
CVE-2022-1554
Path Traversal due to sendfile call in GitHub repository clinical-genomics/scout prior to 4.52...
CVE-2022-1554
Path Traversal due to sendfile call in GitHub repository clinical-genomics/scout prior to 4.52...
Path traversal
Path Traversal due to sendfile call in GitHub repository clinical-genomics/scout prior to 4.52...
CVE-2022-1554
CVE-2022-1554 affects the Python package scout (clinical-genomics/scout) prior to version 4.52. The underlying issue is a path traversal vulnerability caused by a send_file/end_file usage, exposing potential unauthorized access to files. Exploitation or real-world details are not provided in the ...
CVE-2022-1554 Path Traversal due to `send_file` call in clinical-genomics/scout
Path Traversal due to sendfile call in GitHub repository clinical-genomics/scout prior to 4.52...