CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42346 – Stored Cross Site Scripting (Stored XSS) in Galaxy
https://notcve.org/view.php?id=CVE-2024-42346
Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. The editor visualization, /visualizations endpoint, can be used to store HTML tags and trigger javascript execution upon edit operation. All supported branches of Galaxy (and more back to release_20.05) were amended with the supplied patches. Users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/galaxyproject/galaxy/security/advisories/GHSA-x6w7-3gwf-qr9r • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-42812 – Galaxy vulnerable to Server Side Request Forgery during data imports
https://notcve.org/view.php?id=CVE-2023-42812
Galaxy is an open-source platform for FAIR data analysis. Prior to version 22.05, Galaxy is vulnerable to server-side request forgery, which allows a malicious to issue arbitrary HTTP/HTTPS requests from the application server to internal hosts and read their responses. Version 22.05 contains a patch for this issue. Galaxy es una plataforma de código abierto para el análisis de datos FAIR. Antes de la versión 22.05, Galaxy es vulnerable a Server-Side Request Forgery (SSRF), lo que permite que un malware emita solicitudes HTTP/HTTPS arbitrarias desde el servidor de aplicaciones a los hosts internos y lea sus respuestas. • https://github.com/galaxyproject/galaxy/blob/06d56c859713b74f1c2e35da1c2fcbbf0a965645/lib/galaxy/files/uris.py https://github.com/galaxyproject/galaxy/security/advisories/GHSA-vf5q-r8p9-35xh • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-27578 – Galaxy vulnerable to unauthorized modification of pages/visualizations due to insufficient permission check
https://notcve.org/view.php?id=CVE-2023-27578
Galaxy is an open-source platform for data analysis. All supported versions of Galaxy are affected prior to 22.01, 22.05, and 23.0 are affected by an insufficient permission check. Unsupported versions are likely affected as far back as the functionality of Visualizations/Pages exists. Due to this issue, an attacker can modify or delete any Galaxy Visualization or Galaxy Page given they know the encoded ID of it. Additionally, they can copy or import any Galaxy Visualization given they know the encoded ID of it. • https://depot.galaxyproject.org/patch/GX-2022-0002/modify_pages_viz-release_22.01.patch https://depot.galaxyproject.org/patch/GX-2022-0002/modify_pages_viz-release_22.05.patch https://depot.galaxyproject.org/patch/GX-2022-0002/modify_pages_viz-release_23.0.patch https://github.com/galaxyproject/galaxy/security/advisories/GHSA-j8q2-r4g5-f22j • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23470 – Arbitrary file access in the Galaxy data analysis platform
https://notcve.org/view.php?id=CVE-2022-23470
Galaxy is an open-source platform for data analysis. An arbitrary file read exists in Galaxy 22.01 and Galaxy 22.05 due to the switch to Gunicorn, which can be used to read any file accessible to the operating system user under which Galaxy is running. This vulnerability affects Galaxy 22.01 and higher, after the switch to gunicorn, which serve static contents directly. Additionally, the vulnerability is mitigated when using Nginx or Apache to serve /static/* contents, instead of Galaxy's internal middleware. This issue has been patched in commit `e5e6bda4f` and will be included in future releases. • https://github.com/galaxyproject/galaxy/commit/e5e6bda4f014f807ca77ee0cf6af777a55918346 https://github.com/galaxyproject/galaxy/security/advisories/GHSA-grjf-2ghx-q77x • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •