Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Openmicroscopy Subscribe
Filtered by product Omero.server
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-16244 1 Openmicroscopy 1 Omero.server 2021-07-21 7.5 HIGH 9.8 CRITICAL
OMERO.server before 5.6.1 allows attackers to bypass the security filters and access hidden objects via a crafted query.
CVE-2019-9944 1 Openmicroscopy 1 Omero.server 2021-07-21 5.0 MEDIUM 7.5 HIGH
In Open Microscopy Environment OMERO.server 5.0.0 through 5.6.0, the reading of files from imported image filesets may circumvent OMERO permissions restrictions. This occurs because the Bio-Formats feature allows an image file to have embedded pathnames.
CVE-2019-9943 1 Openmicroscopy 1 Omero.server 2020-06-24 5.0 MEDIUM 7.5 HIGH
In ome.services.graphs.GraphTraversal.findObjectDetails in Open Microscopy Environment OMERO.server 5.1.0 through 5.6.0, permissions on OMERO model objects may be circumvented during certain operations such as move and delete, because group permissions are mishandled.