GHSA-vr85-5pwx-c6gq
Suggest an improvement- Source
- https://github.com/advisories/GHSA-vr85-5pwx-c6gq
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-vr85-5pwx-c6gq/GHSA-vr85-5pwx-c6gq.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-vr85-5pwx-c6gq
- Aliases
- Related
- Published
- 2024-05-21T14:33:23Z
- Modified
- 2024-05-21T15:56:59.065119Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- OMERO.web must check that the JSONP callback is a valid function
- Details
-
Background
There is currently no escaping or validation of the
callbackparameter that can be passed to various OMERO.web endpoints that have JSONP enabled. One such endpoint is/webclient/imgData/.... As we only really use these endpoints with jQuery's own callback name generation [^1] it is quite difficult or even impossible to exploit this in vanilla OMERO.web. However, these metadata endpoints are likely to be used by many plugins.Impact
OMERO.web before 5.25.0
Patches
Users should upgrade to 5.26.0 or higher
Workarounds
None
References
- https://stackoverflow.com/questions/2777021/do-i-need-to-sanitize-the-callback-parameter-from-a-jsonp-call
- https://stackoverflow.com/questions/1661197/what-characters-are-valid-for-javascript-variable-names
For more information If you have any questions or comments about this advisory:
Open an issue in omero-web Email us at security@openmicroscopy.org
- Database specific
{ "nvd_published_at": "2024-05-21T13:15:08Z", "cwe_ids": [ "CWE-830" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-05-21T14:33:23Z" }- References
Affected packages
PyPI / omero-web
Package
- Name
- omero-web
- View open source insights on deps.dev
- Purl
- pkg:pypi/omero-web
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.26.0
Affected versions
5.*
5.5.dev1
5.5.dev2
5.6.dev1
5.6.dev2
5.6.dev3
5.6.dev4
5.6.dev5
5.6.dev6
5.6.dev7
5.6.0
5.6.1
5.6.2
5.6.3
5.7.0
5.7.1
5.8.0
5.8.1
5.9.0
5.9.1
5.9.2
5.10.0
5.11.0rc1
5.11.0
5.12.0
5.12.1
5.13.0
5.14.0rc1
5.14.0
5.14.1
5.15.0
5.16.0
5.17.0
5.18.0
5.19.0
5.20.0
5.21.0
5.22.0
5.22.1
5.23.0
5.23.1.dev0
5.24.0
5.25.0