SequenceServer lets you rapidly set up a BLAST+ server with an intuitive user interface for personal or group use. Several HTTP endpoints did not properly sanitize user input and/or query parameters. This could be exploited to inject and run unwanted shell commands. This vulnerability has been fixed in 3.1.2.
Metrics
Affected Vendors & Products
References
History
Fri, 16 Aug 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:wurmlab:sequenceserver:*:*:*:*:*:ruby:*:* |
Thu, 15 Aug 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Wurmlab
Wurmlab sequenceserver |
|
CPEs | cpe:2.3:a:wurmlab:sequenceserver:*:*:*:*:*:*:*:* | |
Vendors & Products |
Wurmlab
Wurmlab sequenceserver |
|
Metrics |
ssvc
|
Wed, 14 Aug 2024 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | SequenceServer lets you rapidly set up a BLAST+ server with an intuitive user interface for personal or group use. Several HTTP endpoints did not properly sanitize user input and/or query parameters. This could be exploited to inject and run unwanted shell commands. This vulnerability has been fixed in 3.1.2. | |
Title | Command Injection in sequenceserver | |
Weaknesses | CWE-77 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-08-14T19:50:09.469Z
Updated: 2024-08-15T15:05:31.961Z
Reserved: 2024-07-30T14:01:33.922Z
Link: CVE-2024-42360
Vulnrichment
Updated: 2024-08-15T15:05:16.838Z
NVD
Status : Analyzed
Published: 2024-08-14T20:15:12.533
Modified: 2024-08-16T20:00:10.467
Link: CVE-2024-42360
Redhat
No data.