Description

Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. An attacker can potentially replace the contents of public datasets resulting in data loss or tampering. All supported branches of Galaxy (and more back to release_21.05) were amended with the below patch. Users are advised to upgrade. There are no known workarounds for this vulnerability.

INFO

Published Date :

2024-09-20T18:56:53.987Z

Last Modified :

2024-09-20T20:08:03.491Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2024-42351 vulnerability.

Vendors Products
Galaxyproject
  • Galaxy
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-42351.

URL Resource
https://depot.galaxyproject.org/patch/GX-2024-0001/022da344a02bafd604402ac8e253e0014f6e2e08.patch cve-icon cve-icon
https://depot.galaxyproject.org/patch/GX-2024-0001/15060a6cb222f2fcfc687d0f0260f1eb1b9c757b.patch cve-icon cve-icon
https://depot.galaxyproject.org/patch/GX-2024-0001/235f1d8b400708556732b9dda788c919ebf3bb80.patch cve-icon cve-icon
https://github.com/galaxyproject/galaxy/security/advisories/GHSA-5639-cmph-9j4v cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact