CVE-2021-21376: OMERO.web exposes some unnecessary session information in the page
(updated )
OMERO.web before 5.9.0
References
- github.com/advisories/GHSA-gfp2-w5jm-955q
- github.com/ome/omero-web
- github.com/ome/omero-web/blob/master/CHANGELOG.md
- github.com/ome/omero-web/commit/952f8e5d28532fbb14fb665982211329d137908c
- github.com/ome/omero-web/security/advisories/GHSA-gfp2-w5jm-955q
- github.com/pypa/advisory-database/tree/main/vulns/omero-web/PYSEC-2021-31.yaml
- nvd.nist.gov/vuln/detail/CVE-2021-21376
- pypi.org/project/omero-web
- www.openmicroscopy.org/security/advisories/2021-SV1
Detect and mitigate CVE-2021-21376 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →