Vulnerability CVE-2024-42360


Published: 2024-08-14

Description:
SequenceServer lets you rapidly set up a BLAST+ server with an intuitive user interface for personal or group use. Several HTTP endpoints did not properly sanitize user input and/or query parameters. This could be exploited to inject and run unwanted shell commands. This vulnerability has been fixed in 3.1.2.

 References:
https://github.com/wurmlab/sequenceserver/security/advisories/GHSA-qv32-5wm2-p32h
https://github.com/wurmlab/sequenceserver/commit/457e52709f7f9ed2fceed59b3db564cb50785dba

Copyright 2025, cxsecurity.com

 

Back to Top