Vulnerability Details CVE-2024-42360
SequenceServer lets you rapidly set up a BLAST+ server with an intuitive user interface for personal or group use. Several HTTP endpoints did not properly sanitize user input and/or query parameters. This could be exploited to inject and run unwanted shell commands. This vulnerability has been fixed in 3.1.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.8%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2024-42360
-
cpe:2.3:a:wurmlab:sequenceserver:-
-
cpe:2.3:a:wurmlab:sequenceserver:0.7.1
-
cpe:2.3:a:wurmlab:sequenceserver:0.8.0
-
cpe:2.3:a:wurmlab:sequenceserver:0.8.7
-
cpe:2.3:a:wurmlab:sequenceserver:0.8.9
-
cpe:2.3:a:wurmlab:sequenceserver:1.0.0
-
cpe:2.3:a:wurmlab:sequenceserver:1.0.1
-
cpe:2.3:a:wurmlab:sequenceserver:1.0.10
-
cpe:2.3:a:wurmlab:sequenceserver:1.0.11
-
cpe:2.3:a:wurmlab:sequenceserver:1.0.12
-
cpe:2.3:a:wurmlab:sequenceserver:1.0.13
-
cpe:2.3:a:wurmlab:sequenceserver:1.0.14
-
cpe:2.3:a:wurmlab:sequenceserver:1.0.2
-
cpe:2.3:a:wurmlab:sequenceserver:1.0.3
-
cpe:2.3:a:wurmlab:sequenceserver:1.0.4
-
cpe:2.3:a:wurmlab:sequenceserver:1.0.5
-
cpe:2.3:a:wurmlab:sequenceserver:1.0.6
-
cpe:2.3:a:wurmlab:sequenceserver:1.0.7
-
cpe:2.3:a:wurmlab:sequenceserver:1.0.8
-
cpe:2.3:a:wurmlab:sequenceserver:1.0.9
-
cpe:2.3:a:wurmlab:sequenceserver:1.1.0
-
cpe:2.3:a:wurmlab:sequenceserver:2.0.0
-
cpe:2.3:a:wurmlab:sequenceserver:2.1.0
-
cpe:2.3:a:wurmlab:sequenceserver:2.2.0
-
cpe:2.3:a:wurmlab:sequenceserver:3.0
-
cpe:2.3:a:wurmlab:sequenceserver:3.0.1
-
cpe:2.3:a:wurmlab:sequenceserver:3.1.0
-
cpe:2.3:a:wurmlab:sequenceserver:3.1.1