CVE-2019-9944

HIGH

7.5

CVSS Severity Score

EPSS Score0.0350%

EPSS Percentile21.38th

Published2020年6月17日

Last Modified2024年11月21日

Vulnerability Description

In Open Microscopy Environment OMERO.server 5.0.0 through 5.6.0, the reading of files from imported image filesets may circumvent OMERO permissions restrictions. This occurs because the Bio-Formats feature allows an image file to have embedded pathnames.

Affected Platforms (CPE)

📦

Openmicroscopy

Omero.server

>= 5.0.0 and <= 5.6.0

References & Advisories

🔗 https://www.openmicroscopy.org/security/advisories/2019-SV1/

関連する脆弱性情報

CVE-2019-700310.0

A SQL injection vulnerability in the reporting component of Avaya Control Manager could allow an unauthenticated attacker to execu...

CVE-2019-1302010.0

The fetch API in Tightrope Media Carousel before 7.1.3 has CarouselAPI/v0/fetch?url= SSRF. This has two potential areas for abuse....

CVE-2019-1095910.0

BD Alaris Gateway Workstation Versions, 1.1.3 Build 10, 1.1.3 MR Build 11, 1.2 Build 15, 1.3.0 Build 14, 1.3.1 Build 13, This does...

CVE-2019-1664910.0

On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual med...