scout-browser@4.4.1 vulnerabilities
Clinical DNA variant visualizer and browser.
-
latest version
4.91.1
-
latest non vulnerable version
-
first published
9 years ago
-
latest version published
3 days ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the scout-browser package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
scout-browser is a Clinical DNA variant visualizer and browser. Affected versions of this package are vulnerable to URL Redirection to Untrusted Site ('Open Redirect') due to absence of sanitization logic of Note: Due to lack of scheme validation, the attacker can attempt to perform HTTPS Downgrade Attack to perform Man-in-the-Middle attack to steal sessions to perform account takeover. How to fix URL Redirection to Untrusted Site ('Open Redirect')? Upgrade |
[,4.89)
|
scout-browser is a Clinical DNA variant visualizer and browser. Affected versions of this package are vulnerable to Improper Escaping of Output due to the lack of sanitization in the How to fix Improper Escaping of Output? Upgrade |
[,4.89)
|
scout-browser is a Clinical DNA variant visualizer and browser. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF). Pypi package scout-browser (GitHub repository clinical-genomics/scout) prior to v4.52 is vulnerable to server-side request forgery. An attacker could make the application perform arbitrary requests to steal cookies, request access to private areas, or lead to cross-site scripting. How to fix Server-side Request Forgery (SSRF)? Upgrade |
[,4.52)
|
scout-browser is a Clinical DNA variant visualizer and browser. Affected versions of this package are vulnerable to Directory Traversal due to improper user-input sanitization, via to the How to fix Directory Traversal? Upgrade |
[,4.52)
|