VYPR

Omero

by Ome

CVEs (4)

  • CVE-2017-1000438HigJan 2, 2018
    risk 0.54cvss 8.3epss 0.01

    In OMERO 5.3.3 or earlier a user could create an OriginalFile and adjust its path such that it now points to another user's file on the underlying filesystem, then manipulate the user's data.

  • CVE-2020-6752Jun 17, 2020
    risk 0.00cvss epss 0.01

    In OMERO before 5.6.1, group owners can access members' data in other groups.

  • CVE-2019-16245Jun 17, 2020
    risk 0.00cvss epss 0.01

    OMERO before 5.6.1 makes the details of each user available to all users.

  • CVE-2014-7198Mar 31, 2019
    risk 0.00cvss epss 0.01

    OMERO before 5.0.6 has multiple CSRF vulnerabilities because the framework for OMERO's web interface lacks CSRF protection.