5 matches found
CVE-2024-42346
Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. The editor visualization, /visualizations endpoint, can be used to store HTML tags and trigger javascript execution upon edit operation. All...
galaxy-app (>=23.0.1 <=24.0.3), galaxy-job-execution (>=23.0.1 <=24.0.3) +11 more potentially affected by CVE-2024-42346 via galaxy-data (>=22.1.1 <=24.0.3)
galaxy-data PYPI version =22.1.1, =23.0.1, =23.0.1, =23.0.2, =21.9.0, =23.2.1, =0.4.0, =0.0.1, =0.13.0, =0.6.0, =0.1.0, =0.8.0, =0.1.0, =0.12.0 Source cves: CVE-2024-42346 Source advisory: OSV:PYSEC-2024-273...
janis-pipelines (>=0.4.0 <=0.13.1), janis-pipelines-bioinformatics (>=0.0.1 <=0.12.2) +5 more potentially affected by CVE-2024-42346 via galaxy-auth (=22.1.1)
galaxy-auth PYPI version =22.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on galaxy-auth and may be impacted: - janis-pipelines =0.4.0, =0.0.1, =0.13.0, =0.6.0, =0.1.0, =0.8.0, =0.1.0, =0.12.0 Source cves: CVE-2024-42346 Source advisory:...
CVE-2024-42346 Stored Cross Site Scripting (Stored XSS) in Galaxy
Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. The editor visualization, /visualizations endpoint, can be used to store HTML tags and trigger javascript execution upon edit operation. All...
CVE-2024-42346 Stored Cross Site Scripting (Stored XSS) in Galaxy
Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. The editor visualization, /visualizations endpoint, can be used to store HTML tags and trigger javascript execution upon edit operation. All...