Security Advisory

CVE-2023-42812

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-09-22 16:07:02

Last updated 2024-09-24 14:25:37

Assigner GitHub_M

State PUBLISHED

Description

Galaxy is an open-source platform for FAIR data analysis. Prior to version 22.05, Galaxy is vulnerable to server-side request forgery, which allows a malicious to issue arbitrary HTTP/HTTPS requests from the application server to internal hosts and read their responses. Version 22.05 contains a patch for this issue.

← Browse all CVEs View on cve.org ↗